ShareMailPro POP3 Interface Error Message Account Enumeration
Medium Nessus Plugin ID 11654
SynopsisThe remote server is vulnerable to information disclosure.
DescriptionThe remote ShareMail server issues a special error message when a user attempts to log in using a nonexistent POP account.
An attacker may use this flaw to make a list of valid accounts by looking at the error messages it receives at authentication time.
SolutionNone at this time.