CVE-2001-1528 Information

Description

AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided which allows remote attackers to determine the existence of valid account numbers via a brute force attack.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html http://www.iss.net/security_center/static/7185.php http://www.securityfocus.com/bid/3371