[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Username enumeration weakness in Apache Tomcat Form in Apple Mac OS X via an unanticipated oplock break notification reply packet

ID: oval:org.secpod.oval:def:3852Date: (C)2012-01-20   (M)2017-10-04
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS X Server before 10.6.3 and is prone to an username enumeration vulnerability. A flaw is present in the application, since it displays different responses to login attempts, depending on whether or not the username exists. Successful exploitation could allow remote attackers to discern valid usernames.

Platform:
Apple Mac OS X Server 10.5
Apple Mac OS X Server 10.6
Reference:
CVE-2009-0580
CVE    1
CVE-2009-0580
CPE    1
cpe:/o:apple:mac_os_x_server

© 2013 SecPod Technologies