Vulnerabilities > CVE-2004-0294 - Information Exposure Through Discrepancy vulnerability in Yabbforumsoftware YET Another Bulletin Board 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |