2006-11-22 05:00:00
mitre
PUBLISHED
NetEpi Case Manager before 0.98 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.