CVE DATABASE / CVE-2001-1528
CVE-2001-1528
CVSS 5 · MEDIUM
Summary
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.
CVSS 2.0 breakdown
| Base score | 5 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Amtote homebet
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html
- http://www.iss.net/security_center/static/7185.php
- http://www.securityfocus.com/bid/3371
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.