CVE-2000-0938

Name of the Vulnerable Software and Affected Versions Samba version 2.0.7

Description The issue allows remote attackers to identify valid users on the server by exploiting a difference in error messages when a valid username is provided versus an invalid name.

Recommendations For Samba version 2.0.7, consider restricting access to the Samba Web Administration Tool (SWAT) until a fix is available. As a temporary workaround, avoid using the SWAT tool to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.