CVE-2007-3729

Currently unrated

Key Information:

Vendor: HP
Status: Openvms
Vendor: CVE Published:; 12 July 2007

Summary

The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.

References

http://osvdb.org/37809

vdb-entryx_refsource_OSVDB

http://groups.google.com/group/comp.os.vms/browse_thread/...

x_refsource_MISC

http://secunia.com/advisories/25882

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 12, 2007
Vulnerability Reserved
Jul 12, 2007