CVE-2000-1002
First published: Mon Dec 11 2000(Updated: )
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Communigate Pro | =3.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-1002?
CVE-2000-1002 is considered a medium severity vulnerability due to its potential for facilitating SPAM attacks.
How do I fix CVE-2000-1002?
To fix CVE-2000-1002, upgrade Stalker CommuniGate Pro to a version later than 3.3.2 that addresses this vulnerability.
What vulnerability does CVE-2000-1002 exploit?
CVE-2000-1002 exploits the way Stalker CommuniGate Pro's POP3 daemon handles error messages, allowing attackers to discern valid email addresses.
Who is affected by CVE-2000-1002?
CVE-2000-1002 affects users of Stalker CommuniGate Pro version 3.3.2.
What impact does CVE-2000-1002 have on email security?
CVE-2000-1002 increases the risk of SPAM and phishing attacks by exposing valid email addresses through error handling.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/stalker
- canonical/communigate pro
- version/communigate pro/3.3.2