*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: vsftpd There is a bug in vsftpd daemon, which causes the system to skip asking for a password if the username is invalid. This enables a remote user to determine whether the enter user account names are valid or not. The bug occurs when the user whitelisting facility is being used. ** Affects: vsftpd (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- vsftpd: discloses whether usernames are valid or not https://bugs.launchpad.net/bugs/672328 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs