ID de Prueba:	1.3.6.1.4.1.25623.1.0.80021
Categoría:	Web application abuses
Título:	WebCalendar User Account Enumeration Disclosure Issue
Resumen:	The version of WebCalendar on the remote host is prone to a user; account enumeration weakness in that in response to login attempts it returns different error messages; depending on whether the user exists or the password is invalid.
Descripción:	Summary: The version of WebCalendar on the remote host is prone to a user account enumeration weakness in that in response to login attempts it returns different error messages depending on whether the user exists or the password is invalid. Solution: Upgrade to WebCalendar 1.0.4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	BugTraq ID: 17853 Common Vulnerability Exposure (CVE) ID: CVE-2006-2247 http://www.securityfocus.com/bid/17853 Bugtraq: 20060504 WebCalendar User Account Enumeration Weakness (Google Search) http://www.securityfocus.com/archive/1/433053/100/0/threaded Bugtraq: 20060505 Re: WebCalendar User Account Enumeration Weakness (Google Search) http://www.securityfocus.com/archive/1/433077/100/0/threaded Debian Security Information: DSA-1056 (Google Search) http://www.debian.org/security/2006/dsa-1056 http://www.osvdb.org/25280 http://secunia.com/advisories/19974 http://secunia.com/advisories/20108 XForce ISS Database: webcalendar-user-information-disclosure(26262) https://exchange.xforce.ibmcloud.com/vulnerabilities/26262
Copyright	Copyright (C) 2008 David Maciejak

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.