CVE-1999-0856

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Dec 1, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0856 is a vulnerability affecting Slackware 7.0's login process. When a user attempts to log in with an invalid account or a locked account, an encryption error message is returned to the attacker. This error message unintentionally reveals whether the account exists or not, enabling remote attackers to identify valid usernames on the system. This information could be used in further attacks against the targeted system. It is recommended that affected users update their Slackware installation to a more recent version to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share