3 matches found
CVE-2004-2313
Inter7 SqWebMail 3.4.1–3.6.1 exposes a password-guessing vulnerability: authentication responses differ for incorrect vs. correct passwords on non-mail-enabled accounts (e.g., root), enabling remote attackers to brute-force the root password. The issue is tied to the login error handling and disc...
CVE-2004-2313
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...
CVE-2004-2313
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...