Vulnerability Description
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amtote | Homebet | - |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.htmlBroken LinkVendor Advisory
- http://www.iss.net/security_center/static/7185.phpBroken Link
- http://www.securityfocus.com/bid/3371Broken LinkExploitThird Party Advisory
- http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.htmlBroken LinkVendor Advisory
- http://www.iss.net/security_center/static/7185.phpBroken Link
- http://www.securityfocus.com/bid/3371Broken LinkExploitThird Party Advisory
FAQ
What is CVE-2001-1528?
CVE-2001-1528 is a vulnerability with a CVSS score of 5.0 (MEDIUM). AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account...
How severe is CVE-2001-1528?
CVE-2001-1528 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1528?
Check the references section above for vendor advisories and patch information. Affected products include: Amtote Homebet.