Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2410


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2410
Last Modified 05 Sep 2008 04:33:09
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE


Summary in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information.

Vulnerable Systems


  • Open Webmail 1.7

  • Open Webmail 1.71


BID - 6232

XF - open-webmail-information-disclosure(10684)

BUGTRAQ - 20021119 Open WebMail 1.71 "background" magic info

Last Updated: 27 May 2016 10:37:44