Vulnerability in Qualcomm Qpopper
CVE-2001-1068
qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system.
EPSS: 0.011 (61.7th percentile) — read the EPSS interpretation.
Affected products
- Qualcomm Qpopper — versions 4.0.1
- N/a — versions n/a
References
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Vendor Advisory, mailing-list, Exploit, x_refsource_BUGTRAQ)