Thomas Hauck Jana Server 2.x up to and including 2.2.1, and 1.4.6 and previous versions, generates different responses for valid and invalid usernames, which allows remote malicious users to identify valid users on the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
t. hauck jana web server 1.0 |
||
t. hauck jana web server 1.45 |
||
t. hauck jana web server 1.46 |
||
t. hauck jana web server 2.0 |
||
t. hauck jana web server 2.0_beta2 |
||
t. hauck jana web server 2.0_beta1 |
||
t. hauck jana web server 2.2.1 |