Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0212

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0212
Last Modified 10 Sep 2008 08:00:43
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0212

Summary

The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.

Vulnerable Systems

Application

  • Hosting Controller 1.1

  • Hosting Controller 1.3

  • Hosting Controller 1.4

  • Hosting Controller 1.4.1

  • Hosting Controller 1.4b


References

XF - hosting-controller-brute-force(8006)

BUGTRAQ - 20020126 [ARL02-A01] Vulnerability in Hosting Controller

MISC - http://hostingcontroller.com/English/patches/ForAll/index.html

BID - 3971


Last Updated: 27 May 2016 10:36:50