CVE-2005-4029

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1470%

EPSS Percentile40.11th

PublishedDec 5, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.

Affected Platforms (CPE)

📦

Esi Products

Webeoc

<= 6.0.1

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/170394

Related Vulnerabilities

CVE-2005-228610.0

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct requ...

CVE-2005-22817.5

WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords.

CVE-2005-22847.5

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack v...

CVE-2005-22855.0

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remot...