CVE-2005-0432 Information

Description

BEA WebLogic Server 7.0 Service Pack 5 and earlier and 8.1 Service Pack 3 and earlier generates different login exceptions that suggest why an authentication attempt fails which makes it easier for remote attackers to guess passwords via brute force attacks.

Reference

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA05-74.00.jsp http://secunia.com/advisories/14298