CVE-2005-4673 Information

Description

ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists which allows remote attackers to enumerate valid usernames.

Reference

http://www.critical.lt/?vulnerabilities/119 http://www.osvdb.org/22709 http://www.security.nnov.ru/Kdocument79.html http://www.securityfocus.com/bid/15253