CVE-2004-0243

IBM AIX 4.3.3-5.1 - Observable Discrepancy in Remote Login Error Messages

Title source: llm
STIX 2.1

Description

AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.

References (3)

Core 3
Core References
Broken Link mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2004-02/0313.html
Broken Link mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107583269206044&w=2
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15172

Scores

EPSS 0.0168
EPSS Percentile 74.0%

Details

CWE
CWE-203
Status published
Products (1)
ibm/aix
Published Nov 23, 2004
Tracked Since Feb 18, 2026