Vulnerabilities > CVE-2002-1416 - Information Disclosure vulnerability in WebEasyMail POP3 Server Valid User Name
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |