Vulnerabilities > CVE-2004-0243 - Information Exposure Through Discrepancy vulnerability in IBM AIX 4.3.3/5/5.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ibm

CWE-203

NVD

Published: 2004-11-23

Updated: 2024-02-14

Summary

AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX * IBM AIX 4.3.3 IBM AIX 5 IBM AIX 5.1	4

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

http://archives.neohapsis.com/archives/bugtraq/2004-02/0313.html
http://marc.info/?l=bugtraq&m=107583269206044&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15172