CVE-2009-1769

The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.

Date published : 2009-05-22

http://www.securityfocus.com/bid/35023

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529344