CVE-2007-0109

Description

wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.

Affected packages (1)

• Debian/wordpressfrom 0, < 2.0.6-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-0109