Unrated severityNVD Advisory· Published May 28, 2009· Updated Jun 16, 2026
CVE-2009-1384
CVE-2009-1384
Description
pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
12- bugzilla.redhat.com/show_bug.cginvdVendor Advisory
- osvdb.org/54791nvd
- secunia.com/advisories/35230nvd
- secunia.com/advisories/43314nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2009/05/27/1nvd
- www.securityfocus.com/archive/1/516397/100/0/threadednvd
- www.securityfocus.com/bid/35112nvd
- www.vmware.com/security/advisories/VMSA-2011-0003.htmlnvd
- www.vupen.com/english/advisories/2009/1448nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7081nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9652nvd
News mentions
0No linked articles in our index yet.