VRFY Command Information Disclosure
Medium Nessus Network Monitor Plugin ID 2022
SynopsisThe remote host may give an attacker information useful for future attacks.
DescriptionThe remote host has the VRFY command enabled. An attacker may use it to enumerate valid accounts on this host and gain more information about them.
SolutionDisable this option in your MUA configuration file.