Lucene search
MitreCVE-2000-0960HistoryJan 22, 2001 - 5:00 a.m.
CVE-2000-0960
2001-01-2205:00:00
mitre
web.nvd.nist.gov
26
cve-2000-0960
netscape messaging server
pop3 server
email harvesting
spam abuse
security flaw
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.005
Percentile
76.4%
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
Affected configurations
Node
netscapemessaging_serverMatch4.15
ORnetscapemessaging_serverMatch4.15patch1
ORnetscapemessaging_serverMatch4.15patch2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netscape | messaging_server | 4.15 | cpe:2.3:a:netscape:messaging_server:4.15:*:*:*:*:*:*:* |
| netscape | messaging_server | 4.15 | cpe:2.3:a:netscape:messaging_server:4.15:patch1:*:*:*:*:*:* |
| netscape | messaging_server | 4.15 | cpe:2.3:a:netscape:messaging_server:4.15:patch2:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2000-0960
2001-01-22 05:00:00
nvd
nvd
CVE-2000-0960
2000-12-19 05:00:00
nessus
nessus
Netscape Messenging Server POP3 Error Message User Account Enumeration
2001-05-29 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.005
Percentile
76.4%
Related for CVE-2000-0960