CVE-2008-1287

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.

Date published : 2008-03-11

http://www-1.ibm.com/support/docview.wss?uid=swg1PK55561

http://www.securityfocus.com/bid/28132