exploitDog

CVE-2002-1416

Опубликовано: 11 апр. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.

Ссылки

http://online.securityfocus.com/archive/1/288222
Exploit
Vendor Advisory
http://www.iss.net/security_center/static/9925.php
Vendor Advisory
http://www.securityfocus.com/bid/5519
Vendor Advisory
http://online.securityfocus.com/archive/1/288222
Exploit
Vendor Advisory
http://www.iss.net/security_center/static/9925.php
Vendor Advisory
http://www.securityfocus.com/bid/5519
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webeasymail:webeasymail:*:*:*:*:*:*:*:*

Версия до 3.4.2.2 (включая)

EPSS

Процентиль: 69%

0.00625

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-623v-x9rh-m33f

github

больше 3 лет назад

The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.

EPSS

Процентиль: 69%

0.00625

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other