|
Family: Misc. --> Category: infos
Netscape Messenging Server User List Vulnerability Scan
Vulnerability Scan Summary Checks the error messages issued by the pop3 server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote POP server allows a possible hacker to acertain wether
a given username exists or not.
Description :
The remote POP server allows a possible hacker to obtain a list
of valid logins on the remote host, thanks to a brute force
attack.
If the user connects to this port and issues the commands :
USER 'someusername'
PASS 'whatever'
Then he will get a different response if the account 'someusername'
exists or not.
Solution :
None at this time
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|