Unrated severityNVD Advisory· Published Apr 16, 2009· Updated Apr 23, 2026

CVE-2009-1293

Description

The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

Affected products

Novell/Teaming7 versions
cpe:2.3:a:novell:teaming:1.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:novell:teaming:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:novell:teaming:1.0.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.novell.com/support/php/search.donvdPatchVendor Advisory
www.securityfocus.com/bid/34531nvdExploit
www.sec-consult.com/files/20090415-0-novell-teaming.txtnvdExploit
secunia.com/advisories/34714nvd
www.securityfocus.com/archive/1/502704/100/0/threadednvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2009/1048nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000