POP3 unencrypted cleartext logins 1.0
 
Plugin ID: 330
Plugin name: POP3 unencrypted cleartext logins
Plugin filename: POP3 unencrypted cleartext logins.plugin
Plugin filesize: 2327 bytes
Plugin family: SMTP
Plugin created name: Marc Ruef
Plugin created email: marc.ruef at computec.ch
Plugin created web: http://www.computec.ch
Plugin created company: computec.ch
Plugin created date: 2005/01/09
Plugin version: 1.0
Plugin protocol: tcp
Plugin port: 110
Plugin procedure detection: open|sleep|send CAPA\n|sleep|send QUIT\n|close|pattern_exists *SASL PLAIN* OR *SASL LOGIN* OR USER
Plugin detection accuracy: 90
Plugin comment: The NASL script is Copyright (C) 2004 George A. Theall
Bug affected: POP3 with non-encrypted authentications
Bug vulnerability class: Missing Encryption
Bug description: The remote host is running a POP3 daemon that allows cleartext logins over unencrypted connections. An attacker can uncover user names and passwords by sniffing traffic to the POP3 daemon if a less secure authentication mechanism (e.g., USER command, AUTH PLAIN, AUTH LOGIN) is used.
Bug solution: Contact your vendor for a fix or encrypt traffic with SSL/TLS using stunnel.
Bug fixing time: Approx. 30 minutes
Bug exploit availability: Yes
Bug remote: Yes
Bug local: Yes
Bug severity: Low
Bug popularity: 8
Bug simplicity: 3
Bug impact: 8
Bug risk: 4
Bug Nessus risk: Low
Bug check tools: Nessus can check this flaw with the plugin 15855 (POP3 Unencrypted Cleartext Logins).
Source CVE: CVE-MAP-NOMATCH
Source OSVDB ID: 3119
Source Nessus ID: 15855
Source Literature: Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.: http://www.mcmilk.de/docs/2004-03-sasl.pdf

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.