Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1287

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1287
Last Modified 17 Oct 2011 12:00:00
Published 11 Mar 2008 01:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1287

Summary

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.

Vulnerable Systems

Application

  • Ibm Rational Clearquest 7.0.0.2

  • Ibm Rational Clearquest 7.0.1.1


References

BID - 28132

AIXAPAR - PK55561

SECUNIA - 29280

XF - clearquest-username-information-disclosure(41042)

VUPEN - ADV-2008-0804

SECTRACK - 1019566


Last Updated: 27 May 2016 10:47:06