Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux | Redhat | 7.0 (including) | 7.0 (including) |