VYPR
Unrated severityNVD Advisory· Published May 16, 2002· Updated Jun 16, 2026

CVE-2002-0212

CVE-2002-0212

Description

The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.

Affected products

6
  • cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
    • (no CPE)range: 1.1 - 1.4.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.