Synopsis
The remote POP2 daemon allows credentials to be transmitted in cleartext.
Description
The remote host is running a POP2 daemon that allows cleartext logins over unencrypted connections. An attacker can uncover login names and passwords by sniffing traffic to the POP2 daemon.
Solution
Encrypt traffic with SSL / TLS using stunnel.
Plugin Details
File Name: pop2_unencrypted_cleartext_logins.nasl
Supported Sensors: Nessus