Lucene search

[email protected]CVE-2000-1002

HistoryDec 11, 2000 - 5:00 a.m.

CVE-2000-1002

2000-12-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

communigate pro

pop3 daemon

remote attackers

spam attacks

email addresses.

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.1%

JSON

POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.

CPENameOperatorVersion
stalker:communigate_prostalker communigate proeq3.3.2

CPE	Name	Operator	Version
stalker:communigate_pro	stalker communigate pro	eq	3.3.2

References

www.securityfocus.com/archive/1/139523

www.securityfocus.com/bid/1792

exchange.xforce.ibmcloud.com/vulnerabilities/5363

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.1%

JSON