VYPR
Unrated severityNVD Advisory· Published Aug 27, 2003· Updated Jun 16, 2026

CVE-2003-0637

CVE-2003-0637

Description

Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.

Affected products

2
  • Novell/Ichain2 versions
    cpe:2.3:a:novell:ichain:2.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:novell:ichain:2.2:*:*:*:*:*:*:*
    • (no CPE)range: <= 2.2 before Support Pack 1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.