Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2004-1602 PoC — ProFTPd登录时间差异用户帐户泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2004/CVE-2004-1602.yaml
Associated Vulnerability
Title:ProFTPd登录时间差异用户帐户泄露漏洞 (CVE-2004-1602)
Description:ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
Description
ProFTPD versions 1.2.x (including 1.2.8 and 1.2.10) are vulnerable to timing attacks that allow remote attackers to distinguish valid usernames from invalid ones. The server responds in varying amounts of time when a given username exists, enabling username enumeration through response time analysis.
File Snapshot

 id: CVE-2004-1602

info:
  name: ProFTPD 1.2.x - Username Enumeration via Timing Attack
  author: pu

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →