CVE-2009-1293

N/A Unknown

Published: April 16, 2009 Modified: April 23, 2026

Description

The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/34714

Source: cve@mitre.org

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7002997&sliceId=1&docTypeID=DT_TID_1_1&dialogID=33090060&stateId=1%200%2033084737

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/archive/1/502704/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/34531

Source: cve@mitre.org

Exploit

http://www.securitytracker.com/id?1022063

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1048

Source: cve@mitre.org

https://www.sec-consult.com/files/20090415-0-novell-teaming.txt

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/34714