Summary
The remote server appears to be running a version of QPopper that is older than 4.0.6.
Versions older than 4.0.6 are vulnerable to a bug where remote attackers can enumerate valid usernames based on server responses during the authentication process.
Solution
None at this time
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple iTunes Multiple Vulnerabilities - Apr10
- Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Linux)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)