User ID Enumeration Vulnerability in IBM iSeries AS/400 POP3 Server
CVE-2005-1133

Currently unrated

Key Information:

Vendor: IBM
Status: Iseries As 400
Vendor: CVE Published:; 2 May 2005

Summary

The POP3 server in IBM iSeries AS/400 exhibits a vulnerability that allows remote attackers to discern valid user IDs based on differing error messages received when a user is recognized or not. This can provide malicious actors with sufficient information to launch further attacks or exploits on the server.

References

http://marc.info/?l=bugtraq&m=111358863001693&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/13156

vdb-entryx_refsource_BID

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 16, 2005