Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1769

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-1769
Last Modified 09 Sep 2009 12:00:00
Published 22 May 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1769

Summary

The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.

Vulnerable Systems

Application

  • Ocsinventory-ng Ocs Inventory Ng 1.01


References

MISC - http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=133&cntnt01returnid=69

FEDORA - FEDORA-2009-5773

FEDORA - FEDORA-2009-5769

FEDORA - FEDORA-2009-5764

BID - 35023

SECUNIA - 35313

SECUNIA - 35157

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529344


Last Updated: 27 May 2016 10:50:40