Back to search
CVE-2004-2313
Published: Aug 16, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040131 sqwebmail web login
mailing-list
x_refsource_BUGTRAQ
9541
vdb-entry
x_refsource_BID
sqwebmail-login-info-disclosure(15058)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now