CVE-2001-1483
One-Time Passwords In Everything 2.32 and 2.4 - User Enumeration via Passphrase Response Discrepancy
Title source: llmDescription
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7572
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0%40atlas.dgp.toronto.edu
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3549
Scores
EPSS
0.0367
EPSS Percentile
88.2%
Details
CWE
CWE-203
Status
published
Products (2)
nrl.navy/one-time_passwords_in_everything
2.4
nrl.navy/one-time_passwords_in_everything
2.32
Published
Dec 31, 2001
Tracked Since
Feb 18, 2026