CVE-2003-0637

Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.

Date published : 2003-08-02

http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm