ID CVE-2003-0512
Summary Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
References
Vulnerable Configurations
  • Cisco IOS 12.0 (24)S1
    cpe:2.3:o:cisco:ios:12.0%2824%29s1
  • Cisco IOS 12.0 (24.2)S
    cpe:2.3:o:cisco:ios:12.0%2824.2%29s
  • Cisco IOS 12.2 (11)JA1
    cpe:2.3:o:cisco:ios:12.2%2811%29ja1
  • Cisco IOS 12.2 (14.5)
    cpe:2.3:o:cisco:ios:12.2%2814.5%29
  • Cisco IOS 12.2 (14.5)T
    cpe:2.3:o:cisco:ios:12.2%2814.5%29t
  • Cisco IOS 12.2 (15)ZN
    cpe:2.3:o:cisco:ios:12.2%2815%29zn
  • Cisco IOS 12.2 (15.1)S
    cpe:2.3:o:cisco:ios:12.2%2815.1%29s
  • Cisco IOS 12.2 (16)B
    cpe:2.3:o:cisco:ios:12.2%2816%29b
  • Cisco IOS 12.2 (16.1)B
    cpe:2.3:o:cisco:ios:12.2%2816.1%29b
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
nessus via4
NASL family CISCO
NASL id CISCO-SN-20030724-IOS-ENUM.NASL
description It is possible to enumerate all locally defined users, which are used for authentication, on a Cisco IOS device if aaa new-model is not used.
last seen 2019-02-21
modified 2018-07-06
plugin id 17786
published 2012-01-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=17786
title Cisco IOS Locally Defined User Enumeration
oval via4
accepted 2008-09-08T04:00:48.595-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
family ios
id oval:org.mitre.oval:def:5824
status accepted
submitted 2008-05-02T11:06:36.000-04:00
title Cisco IOS User Enumeration via Error Messages
version 3
refmap via4
cert-vn VU#886796
cisco 20030724 Enumerating Locally Defined Users in Cisco IOS
misc http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm
vulnwatch 20030728 Cisco Aironet AP1100 Valid Account Disclosure Vulnerability
Last major update 04-03-2009 - 00:18
Published 27-08-2003 - 00:00
Last modified 10-10-2017 - 21:29