• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

T. Hauck Jana Server POP3 Gateway Username Enumeration Vulnerability

Jana Server is a server for Microsoft Windows based systems. Jana Server provides a wide range of proxy servers, and a number of other services. A POP3 gateway service is provided.

Reportedly, the Jana Server POP3 gateway returns error messages that distinguish between invalid usernames and invalid passwords. Exploitation of this vulnerability may aid an attacker in gathering information about the system or internal network.