ProFTPD Authentication Delay Username Enumeration Vulnerability

A timing attack is described in ProFTPD that could assist a remote user in enumerating usernames.

A remote attacker may exploit this vulnerability to determine what usernames are valid, privileged, or do not exist on the remote system.


 

Privacy Statement
Copyright 2010, SecurityFocus