This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote server is vulnerable to information disclosure.
The remote POP3 server (probably intellipeer pop3 server) is
vulnerable to an account enumeration issue.
If an attacker attempts to log into the remote host by submitting a
bogus username, then the server will reply with a specific error
message if the account is nonexistent, while it will reply with
another message if the account exists.
An attacker may use this flaw to set up a brute-force attack against
the remote server to obtain a list of valid user names and accounts.
See also :
Upgrade to Intillipeer POP3 server version 1.02 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : true
Nessus Plugin ID: 14829 (intellipeer_disclosure.nasl)
Bugtraq ID: 11257
CVE ID: CVE-2004-2150
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.