Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote malicious users to guess usernames and conduct brute force password guessing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell ichain 2.2 |