Vulnerability Description
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Stalker | Communigate Pro | 3.3.2 |
References
- http://www.securityfocus.com/archive/1/139523Vendor Advisory
- http://www.securityfocus.com/bid/1792ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5363
- http://www.securityfocus.com/archive/1/139523Vendor Advisory
- http://www.securityfocus.com/bid/1792ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5363
FAQ
What is CVE-2000-1002?
CVE-2000-1002 is a vulnerability with a CVSS score of 5.0 (MEDIUM). POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the ...
How severe is CVE-2000-1002?
CVE-2000-1002 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-1002?
Check the references section above for vendor advisories and patch information. Affected products include: Stalker Communigate Pro.