This script is Copyright (C) 2004-2014 George A. Theall
The remote POP3 daemon allows credentials to be transmitted in clear
The remote host is running a POP3 daemon that allows cleartext logins over
unencrypted connections. An attacker can uncover user names and
passwords by sniffing traffic to the POP3 daemon if a less secure
authentication mechanism (eg, USER command, AUTH PLAIN, AUTH LOGIN) is
See also :
Contact your vendor for a fix or encrypt traffic with SSL /
TLS using stunnel.
Risk factor :
Low / CVSS Base Score : 2.6
Nessus Plugin ID: 15855 ()
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.