CVE-2006-2247

NameCVE-2006-2247
DescriptionWebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1056-1
NVD severitymedium (attack range: remote)
Debian Bugs366927

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
webcalendarsource(unstable)1.0.2-2.2medium366927
webcalendarsourcesarge0.9.45-4sarge4mediumDSA-1056-1

Search for package or bug name: Reporting problems