CVE-2005-0797

Name of the Vulnerable Software and Affected Versions Novell iChain Mini FTP Server version 2.3

Description The issue allows remote attackers to obtain sensitive information and facilitates brute force attacks by displaying different error messages based on whether a user exists or not.

Recommendations For Novell iChain Mini FTP Server version 2.3, consider modifying the error messages to be more generic, avoiding the disclosure of sensitive information about user existence. As a temporary workaround, restrict access to the FTP server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.