CVE-2008-1618

CVE-2008-1618 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The PPTP VPN service in Watchguard Firebox before 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote attackers to enumerate valid usernames.

Learn more about our User Device Pen Test.