CVE-2001-1528

Sažetak

AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html
http://www.iss.net/security_center/static/7185.php
http://www.securityfocus.com/bid/3371

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

14-02-2024 - 15:17

Objavljeno

31-12-2001 - 05:00