Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-08-31T04:00:00

Updated: 2024-08-08T03:12:16.625Z

Reserved: 2002-08-30T00:00:00

Link: CVE-2002-1064

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-10-04T04:00:00.000

Modified: 2024-11-20T23:40:30.620

Link: CVE-2002-1064

cve-icon Redhat

No data.