CVE-2010-0216

authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter.

Date published : 2011-05-10

http://www.securityfocus.com/bid/47572

http://www.packetninjas.net/storage/advisories/MediaCast-PWDump-FINAL.txt