CVE-2000-0960
First published: Tue Dec 19 2000(Updated: )
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netscape Messaging Server | =4.15-patch1 | |
| Netscape Messaging Server | =4.15 | |
| Netscape Messaging Server | =4.15-patch2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/netscape
- canonical/netscape messaging server
- version/netscape messaging server/4.15-patch1
- version/netscape messaging server/4.15
- version/netscape messaging server/4.15-patch2