POP3 Server Vulnerability: Username Enumeration and Brute Force Attack Vector

POP3 Server Vulnerability: Username Enumeration and Brute Force Attack Vector

CVE-2000-1237 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.

Learn more about our Cis Benchmark Audit For Server Software.