CVE-2003-0637 Information

Description

Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.

Reference

http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm