The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=97138100426121&w=2 - | |
References | () http://www.securityfocus.com/bid/1787 - Exploit, Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/5364 - |
Information
Published : 2000-12-19 05:00
Updated : 2024-11-20 23:33
NVD link : CVE-2000-0960
Mitre link : CVE-2000-0960
CVE.ORG link : CVE-2000-0960
JSON object : View
Products Affected
netscape
- messaging_server
CWE