CVE-2001-1528

Exploit

EPSS 7.86%
Published 31.12.2001 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Amtote ≫ Homebet Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	7.86%	0.912

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html

Vendor Advisory

Broken Link

http://www.iss.net/security_center/static/7185.php

Broken Link

http://www.securityfocus.com/bid/3371

Third Party Advisory

Exploit

Broken Link

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2001-1528

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-1528

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-1528

EUVD