Username Enumeration Vulnerability in Symantec Enterprise Firewall
CVE-2007-4422

Currently unrated

Key Information:

Vendor

Symantec
Status
Enterprise Firewall
Vendor
CVE Published:
18 August 2007

What is CVE-2007-4422?

The login interface of Symantec Enterprise Firewall 6.x exhibits a vulnerability when VPN with pre-shared key (PSK) authentication is enabled. This flaw allows remote attackers to discern valid usernames through varied responses from the system based on username validity. Such enumeration opens the door for potential brute-force attacks or unauthorized access attempts, posing a significant risk to network security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/26511
third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1018578
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/25338
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.