Vulnerabilities > CVE-2002-0212 - Unspecified vulnerability in Hosting Controller Hosting Controller
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
References
- http://hostingcontroller.com/English/patches/ForAll/index.html
- http://hostingcontroller.com/English/patches/ForAll/index.html
- http://marc.info/?l=bugtraq&m=101224151705897&w=2
- http://marc.info/?l=bugtraq&m=101224151705897&w=2
- http://www.iss.net/security_center/static/8006.php
- http://www.iss.net/security_center/static/8006.php
- http://www.securityfocus.com/bid/3971
- http://www.securityfocus.com/bid/3971