Netscape Messaging Server POP3 Error Message User Account Enumeration

medium Nessus Plugin ID 10681

Synopsis

The remote POP server allows an attacker to determine whether a given username exists or not.

Description

The remote POP server allows an attacker to obtain a list of valid logins on the remote host through a brute-force attack.

If a user connects to this port and issues the commands:

USER 'someusername'
PASS 'whatever'

the server returns a different response depending on whether the account 'someusername' exists.
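The following added example (not taken from the plugin or from the Netscape product) models the reply a POP3 server sends after PASS, showing the leaky pattern described above next to a handler that answers identically for unknown users and wrong passwords. The account store, reply wording and function names are constructed for illustration, and the reply to USER is assumed to be the same for every username.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # illustrative PBKDF2 work factor


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def _record(password: str) -> tuple[bytes, bytes]:
    salt = os.urandom(16)
    return salt, _hash(password, salt)


# Constructed sample account store; names and passwords are illustrative only.
ACCOUNTS = {"alice": _record("correct horse")}
# Dummy record so an unknown user costs the same hashing work as a known one.
DUMMY = _record("placeholder")


def leaky_auth(user: str, password: str) -> str:
    """Flagged behaviour: the reply text depends on whether the account exists."""
    if user not in ACCOUNTS:
        return "-ERR unknown user"        # constructed wording
    salt, stored = ACCOUNTS[user]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return "-ERR wrong password"      # constructed wording
    return "+OK maildrop ready"


def uniform_auth(user: str, password: str) -> str:
    """Same reply and same hashing work for unknown user and wrong password."""
    salt, stored = ACCOUNTS.get(user, DUMMY)
    match = hmac.compare_digest(_hash(password, salt), stored)
    if match and user in ACCOUNTS:
        return "+OK maildrop ready"
    return "-ERR authentication failed"


def leaks_account_existence(auth_fn) -> bool:
    """Regression check: same bad password, known vs. unknown user."""
    return auth_fn("alice", "bad") != auth_fn("nobody", "bad")
```

Running `leaks_account_existence` against a server's authentication handler in a test suite catches a reintroduced distinguishing error message before release.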

Solution

None at this time.

Plugin Details

Severity: Medium

ID: 10681

File Name: netscape_pop_auth.nasl

Version: 1.24

Type: remote

Family: Misc.

Published: 5/29/2001

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:netscape:messaging_server

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/11/2000

Reference Information

CVE: CVE-2000-0960

BID: 1787