CVE-2004-2313

EPSS 0.33%

Published: 12/31/2004Modified: 4/28/2026

Description

Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks.

Affected packages (1)

Debian/courierfrom 0, < 0.44.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-2313