POP2 Unencrypted Cleartext Logins Network Vulnerability

Summary

The remote host is running a POP2 daemon that allows cleartext logins over unencrypted connections. An attacker can uncover login names and passwords by sniffing traffic to the POP2 daemon.

Solution

Encrypt traffic with SSL / TLS using stunnel.

Severity

Classification

CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:P/I:N/A:N

Related Vulnerabilities

iDB Detection
BulletProof FTP Version Detection
IMAP Banner
CheckPoint InterSpect
Detect slident and or fake identd

Take action and discover your vulnerabilities