The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-03-18T05:00:00
Updated: 2024-08-08T03:26:27.339Z
Reserved: 2003-02-05T00:00:00
Link: CVE-2002-1416
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-04-11T04:00:00.000
Modified: 2024-11-20T23:41:15.323
Link: CVE-2002-1416
Redhat
No data.