CVE-2000-1002

POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.

Published: Dec 11, 2000
Updated: Apr 13, 2023
CVE: CVE-2000-1002
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
stalker / communigate_pro	3.3.2	3.3.2.x

http://www.securityfocus.com/archive/1/139523
http://www.securityfocus.com/bid/1792
https://exchange.xforce.ibmcloud.com/vulnerabilities/5363

Vulnerability Database

291,049

CVE-2000-1002