Lucene search
HistorySep 12, 2001 - 4:00 a.m.
CVE-2001-1013
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.036
Percentile
91.7%
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Affected configurations
Node
redhatlinuxMatch7.0
References
Related
cve
cve
CVE-2001-1013
2002-02-02 05:00:00
redhatcve
redhatcve
CVE-2001-1013
2015-11-05 09:28:47
cvelist
cvelist
CVE-2001-1013
2002-02-02 05:00:00
exploitdb
exploitdb
RedHat Linux 7.0 Apache - Remote Username Enumeration
2001-09-12 00:00:00
packetstorm
packetstorm
Apache Mod_userdir User Enumeration
2024-09-01 00:00:00
openvas
openvas
Nmap NSE net: http-vmware-path-vuln
2011-06-01 00:00:00
Apache HTTP Server UserDir Sensitive Information Disclosure
2005-11-03 00:00:00
Nmap NSE net: http-userdir-enum
2011-06-01 00:00:00
metasploit
metasploit
Apache "mod_userdir" User Enumeration
2011-08-15 05:56:55
nessus
nessus
Apache UserDir Directive Username Enumeration
2001-09-18 00:00:00
nmap
nmap
http-userdir-enum NSE Script
2009-08-22 22:04:32
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.036
Percentile
91.7%
Related for NVD:CVE-2001-1013