Candidate: CVE-2012-5055
PublicDate: 2012-12-05 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5055
 http://support.springsource.com/security/CVE-2012-5055
Description:
 DaoAuthenticationProvider in VMware SpringSource Spring Security before
 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the
 password if the user is not found, which makes the response delay shorter
 and might allow remote attackers to enumerate valid usernames via a series
 of login requests.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_libspring-security-2.0-java:
upstream_libspring-security-2.0-java: needs-triage
hardy_libspring-security-2.0-java: DNE
lucid_libspring-security-2.0-java: DNE
oneiric_libspring-security-2.0-java: ignored (reached end-of-life)
precise_libspring-security-2.0-java: ignored (reached end-of-life)
precise/esm_libspring-security-2.0-java: DNE (precise was needed)
quantal_libspring-security-2.0-java: ignored (reached end-of-life)
raring_libspring-security-2.0-java: ignored (reached end-of-life)
saucy_libspring-security-2.0-java: ignored (reached end-of-life)
trusty_libspring-security-2.0-java: ignored (reached end-of-life)
trusty/esm_libspring-security-2.0-java: DNE (trusty was needed)
utopic_libspring-security-2.0-java: ignored (reached end-of-life)
vivid_libspring-security-2.0-java: ignored (reached end-of-life)
vivid/stable-phone-overlay_libspring-security-2.0-java: DNE
vivid/ubuntu-core_libspring-security-2.0-java: DNE
wily_libspring-security-2.0-java: ignored (reached end-of-life)
xenial_libspring-security-2.0-java: DNE
yakkety_libspring-security-2.0-java: DNE
zesty_libspring-security-2.0-java: DNE
artful_libspring-security-2.0-java: DNE
bionic_libspring-security-2.0-java: DNE
cosmic_libspring-security-2.0-java: DNE
disco_libspring-security-2.0-java: DNE
devel_libspring-security-2.0-java: DNE