Vulnerability Details CVE-2001-1528
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.079
EPSS Ranking 91.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html
- http://www.iss.net/security_center/static/7185.php
- http://www.securityfocus.com/bid/3371
- http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html
- http://www.iss.net/security_center/static/7185.php
- http://www.securityfocus.com/bid/3371