Detections
Analytics
IBM AS400 and iSeries POP3 Server Remote Information Disclosure
medium Nessus Plugin ID 18046
Language:
Synopsis
The remote POP server is affected by an information disclosure vulnerability.Description
The remote host appears to be running the POP3 service that comes with all modern AS/400 and iSeries servers. Further, this service is prone to an information disclosure vulnerability due to the responses it provides to username / password combinations. This allows a remote attacker to determine valid user profiles. Further, the service offers a means of brute forcing passwords since it does not block a connection or disable a user after a given number of invalid login attempts.Solution
Disable the POP3 service if not needed.See Also
http://www.venera.com/downloads/Enumeration_of_AS400_users_via_pop3.pdf
Plugin Details
Severity: Medium
ID: 18046
File Name: as400_pop3_info_disclosure.nasl
Version: 1.22
Type: remote
Family: Misc.
Published: 4/14/2005
Updated: 6/27/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 1.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Vulnerability Information
Excluded KB Items: global_settings/supplied_logins_only
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 4/15/2005
Reference Information
CVE: CVE-2005-1133
BID: 13156