CVE-2009-1293

Currently unrated

Key Information:

Vendor: Novell
Status: Teaming
Vendor: CVE Published:; 16 April 2009

Summary

The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

References

https://www.sec-consult.com/files/20090415-0-novell-teami...

x_refsource_MISC

http://www.vupen.com/english/advisories/2009/1048

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/34714

third-party-advisoryx_refsource_SECUNIA

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 16, 2009
Vulnerability Reserved
Apr 14, 2009

Collectors

NVD DatabaseMitre Database