CVE-2005-1650

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Woppoware PostMaster version 4.2.2

Description The web mail service in the affected software generates different error messages depending on whether a user exists or not. This allows remote attackers to determine valid usernames.

Recommendations For version 4.2.2, consider restricting access to the web mail service until a fix is available, or implement additional authentication measures to minimize the risk of exploitation.

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-203

Related Identifiers

CVE-2005-1650

Affected Products

Woppoware Postmaster

CVE-2005-1650

Weakness Enumeration

Related Identifiers

Affected Products

References · 3