Skip to main content

CVE-2002-1064

Severity Medium
Score 5/10

Summary

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published