Vulnerabilities > CVE-1999-1266 - Unspecified vulnerability in Metamail Corporation Metamail

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

metamail-corporation

NVD

Published: 1997-06-13

Updated: 2017-12-19

Summary

rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.

Vulnerable Configurations

Part	Description	Count
Application	Metamail_Corporation Metamail Corporation Metamail *	1

References

http://www.securityfocus.com/archive/1/6978
https://exchange.xforce.ibmcloud.com/vulnerabilities/1660