Quoting Tim Rørstrøm ([EMAIL PROTECTED]): > Package: login > Version: 1:4.1.1-3 > Severity: grave > Tags: security > Justification: user security hole > > At the console login prompt, entering a username which does not exist on the > system, will immediately show an error message, thus revealing that the > username is in fact non-existant on the system. This dramatically reduces the > time it would take to brute-force your way into a user's account.
Could you please send the content of /etc/pam.d/login ?
signature.asc
Description: Digital signature
