Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-07-29T04:00:00
Updated: 2024-08-08T01:58:11.103Z
Reserved: 2003-07-07T00:00:00
Link: CVE-2003-0512
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-08-27T04:00:00.000
Modified: 2024-11-20T23:44:54.683
Link: CVE-2003-0512
Redhat
No data.