BlackMoon FTP Login Error Message User Enumeration
Medium Nessus Plugin ID 11648
SynopsisThe remote FTP server has a user enumeration vulnerability.
DescriptionThe version of BlackMoon FTP running on the remote host issues a special error message when a user attempts to log in using a nonexistent account.
An attacker may use this flaw to make a list of valid accounts, which can be used to mount further attacks.
SolutionUpgrade to the latest version of BlackMoon FTP.