CVE-2000-0960
Summary
| CVE | CVE-2000-0960 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2000-12-19 05:00:00 UTC |
| Updated | 2017-10-10 01:29:00 UTC |
| Description | The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Netscape | Messaging Server | 4.15 | All | All | All |
| Application | Netscape | Messaging Server | 4.15 | patch1 | All | All |
| Application | Netscape | Messaging Server | 4.15 | patch2 | All | All |
| Application | Netscape | Messaging Server | 4.15 | All | All | All |
| Application | Netscape | Messaging Server | 4.15 | patch1 | All | All |
| Application | Netscape | Messaging Server | 4.15 | patch2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| 'Netscape Messaging server 4.15 poor error strings' - MARC | BUGTRAQ | marc.info | |
| Netscape Messaging Server Email Address Verification Vulnerability | BID | www.securityfocus.com | Exploit, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.