CVE-2002-1064 Information

Description

Thomas Hauck Jana Server 2.x through 2.2.1 and 1.4.6 and earlier generates different responses for valid and invalid usernames which allows remote attackers to identify valid users on the server.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html http://www.iss.net/security_center/static/9688.php http://www.securityfocus.com/bid/5326