Vulnerabilities > CVE-2007-3729 - Unspecified vulnerability in HP Openvms 8.3

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

NVD

Published: 2007-07-12

Updated: 2017-07-29

Summary

The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP Openvms 8.3	1

References

http://groups.google.com/group/comp.os.vms/browse_thread/thread/a5f68773805f862d/8a42e91fe1e9cd36
http://osvdb.org/37809
http://secunia.com/advisories/25882
http://www.securityfocus.com/bid/24751
https://exchange.xforce.ibmcloud.com/vulnerabilities/35255