| VID | 18028 |
| Severity | 20 |
| Port | 110 |
| Protocol | TCP |
| Class | Pop3 |
| Detailed Description |
The remote POP server allows an attacker to obtain a list of valid logins on the remote host through a brute-force attack. Specifically, the POP3 server in Netscape Messaging Server 4.15 displays a different message for an authentication error due to an invalid password than for one due to an invalid username. This could be used to "harvest" email addresses for spam lists.
If a user connects to this port (110) and issues the commands: USER 'someusername' PASS 'whatever'
then the response differs depending on whether the account 'someusername' exists.
* References: http://www.iss.net/security_center/static/5364.php, http://www.securityfocus.com/bid/1787 |
| Recommendation | No remedy available as of June 2014. |
| Related URL | CVE-2000-0960 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |
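The difference in failure replies described above, next to a handler that gives one reply for every failure, as an added example that is not part of the original entry or of any vendor's code. The reply strings, the account store and all function names are constructed for illustration; they are not the actual Netscape Messaging Server messages.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

def make_store(accounts: dict) -> dict:
    """Constructed account store: username -> (salt, PBKDF2 hash)."""
    store = {}
    for user, password in accounts.items():
        salt = os.urandom(16)
        store[user] = (salt, _hash(password, salt))
    return store

# Dummy credential checked for unknown users so both paths do the same work.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("placeholder-not-a-real-password", _DUMMY_SALT)

def pass_reply_vulnerable(store, user, password):
    """Behaviour in the entry: the -ERR text reveals whether the account exists."""
    if user not in store:
        return "-ERR unknown user"        # constructed wording
    salt, digest = store[user]
    if not hmac.compare_digest(_hash(password, salt), digest):
        return "-ERR invalid password"    # constructed wording
    return "+OK mailbox ready"

def pass_reply_uniform(store, user, password):
    """One -ERR for every failure and one hash computation on every path.
    The USER step should likewise answer +OK for any name."""
    salt, digest = store.get(user, (_DUMMY_SALT, _DUMMY_HASH))
    ok = hmac.compare_digest(_hash(password, salt), digest)
    if ok and user in store:
        return "+OK mailbox ready"
    return "-ERR authentication failed"

def leaks_account_existence(reply_fn, store, known_user):
    """Regression check: failure replies for an existing and a missing account must match."""
    wrong = "definitely-wrong-" + os.urandom(4).hex()
    missing = "no-such-user-" + os.urandom(4).hex()
    return reply_fn(store, known_user, wrong) != reply_fn(store, missing, wrong)

if __name__ == "__main__":
    store = make_store({"alice": "correct horse"})  # constructed test account
    print("vulnerable leaks:", leaks_account_existence(pass_reply_vulnerable, store, "alice"))
    print("uniform leaks:   ", leaks_account_existence(pass_reply_uniform, store, "alice"))
```

The check compares reply text only; response timing needs its own measurement, which is why the uniform handler hashes a dummy credential for unknown names.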