The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote malicious users to enumerate valid POP usernames.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp openvms 8.3 |