CVE-2003-0402
Summary
The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks.
- LOW
- NETWORK
- NONE
- NONE
- PARTIAL
- NONE
References
Advisory Timeline
- Published