CVE-2005-0486

Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.

Published: Mar 30, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0486
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
tarantella / tarantella_enterprise	3.40	3.40.x
tarantella / tarantella_enterprise	3.30	3.30.x
tarantella / secure_global_desktop	enterprise_3.42	enterprise_3.42.x
tarantella / secure_global_desktop	enterprise_4.0	enterprise_4.0.x

http://www.tarantella.com/security/bulletin-11.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19407

Vulnerability Database

289,599

CVE-2005-0486