VYPR
Unrated severityNVD Advisory· Published Oct 15, 2004· Updated Jun 16, 2026

CVE-2004-1602

CVE-2004-1602

Description

ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Proftpd/Proftpd2 versions
    cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*range: >=1.2.0,<=1.2.10
    • (no CPE)range: <=1.2.10

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.