Vulnerabilities > CVE-2002-1416 - Unspecified vulnerability in Webeasymail

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

webeasymail

NVD

Published: 2003-04-11

Updated: 2024-11-20

Summary

The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.

Vulnerable Configurations

Part	Description	Count
Application	Webeasymail Webeasymail Webeasymail *	1

References

http://online.securityfocus.com/archive/1/288222
http://online.securityfocus.com/archive/1/288222
http://www.iss.net/security_center/static/9925.php
http://www.iss.net/security_center/static/9925.php
http://www.securityfocus.com/bid/5519
http://www.securityfocus.com/bid/5519