Lucene search

[email protected]CVE-2000-1002

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-1002

2001-01-2205:00:00

[email protected]

web.nvd.nist.gov

communigate pro

pop3 daemon

remote attackers

spam attacks

email addresses.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.5%

JSON

POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.

Affected configurations

NVD

Node

stalkercommunigate_proMatch3.3.2

CPENameOperatorVersion
stalker:communigate_prostalker communigate proeq3.3.2

CPE	Name	Operator	Version
stalker:communigate_pro	stalker communigate pro	eq	3.3.2

References

www.securityfocus.com/archive/1/139523

www.securityfocus.com/bid/1792

exchange.xforce.ibmcloud.com/vulnerabilities/5363

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.5%

JSON

Related for CVE-2000-1002

nvd1 cvelist1