CVE-2002-2410

CVE-2002-2410 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information.

Learn more about our Web App Pen Testing.