CVE-2000-0960Messaging Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 24.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netscape Messaging Server
Timeline
PublishedDec 19
Latest updateApr 30

Description

The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-j2pw-q2v3-qqxv: The POP3 server in Netscape Messaging Server 42022-04-30
CVEList
CVE-2000-0960: The POP3 server in Netscape Messaging Server 42001-01-22
CVE-2000-0960 — Netscape Messaging Server vulnerability | cvebase