|
Family: Misc. --> Category: infos
Intellipeer POP3 server user account enumeration Vulnerability Scan
Vulnerability Scan Summary Checks for a flaw in Intellipeer pop3
Detailed Explanation for this Vulnerability Test
The remote POP3 server (probably intellipeer pop3 server) is vulnerable to
an account enumeration issue.
If a possible hacker attempts to log into the remote host by submitting a bogus
username, then the server will reply with a specific error message if the
account is non-existant, while it will reply with another message if the
account exists.
A possible hacker may use this flaw to set up a brute force attack against the
remote server to obtain a list of valid user names and accounts.
Solution : Upgrade to the newest version of this server or change it
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|