ID CVE-1999-0531
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."
References
Vulnerable Configurations
CVSS
Base:
Impact:
Exploitability:
metasploit via4
description The SMTP service has two internal commands that allow the enumeration of users: VRFY (confirming the names of valid users) and EXPN (which reveals the actual address of users aliases and lists of e-mail (mailing lists)). Through the implementation of these SMTP commands can reveal a list of valid users.
id MSF:AUXILIARY/SCANNER/SMTP/SMTP_ENUM
last seen 2019-03-31
modified 2017-07-24
published 2010-07-21
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smtp/smtp_enum.rb
title SMTP User Enumeration Utility
Last major update 01-08-2008 - 00:00
Published 01-01-1999 - 00:00
Back to Top