NuytsTech Security

CVE-2009-1293

by ·

The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

Date published : 2009-04-16

http://www.securityfocus.com/bid/34531

http://www.securityfocus.com/archive/1/502704/100/0/threaded

Tags: