Описание
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.
Релиз | Статус | Примечание |
---|---|---|
dapper | DNE | |
devel | not-affected | 1.02.1-2 |
hardy | ignored | end of life |
intrepid | ignored | end of life, was needed |
jaunty | ignored | end of life |
karmic | ignored | end of life |
lucid | not-affected | 1.02.1-2 |
maverick | not-affected | 1.02.1-2 |
natty | not-affected | 1.02.1-2 |
oneiric | not-affected | 1.02.1-2 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.
The web interface in Open Computer and Software Inventory Next Generat ...
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.
EPSS
5 Medium
CVSS2