Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
Max CVSS
5.0
EPSS Score
3.07%
Published
2005-08-23
Updated
2016-10-18
1 vulnerabilities found