⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 imap unencrypted cleartext logins.plugin

📁 全面网络扫描器VB源代码 很实用
💻 PLUGIN
字号:
🔍 
<plugin_id>332</plugin_id>
<plugin_name>IMAP unencrypted cleartext logins</plugin_name>
<plugin_family>Misc.</plugin_family>
<plugin_created_date>2005/01/09</plugin_created_date>
<plugin_created_name>Marc Ruef</plugin_created_name>
<plugin_created_email>marc.ruef at computec.ch</plugin_created_email>
<plugin_created_web>http://www.computec.ch</plugin_created_web>
<plugin_created_company>computec.ch</plugin_created_company>
<plugin_version>1.0</plugin_version>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>143</plugin_port>
<plugin_procedure_detection>open|sleep|send CAPABILITY\n|sleep|send QUIT\n|close|pattern_exists AUTH=LOGIN OR AUTH=PLAIN</plugin_procedure_detection>
<plugin_detection_accuracy>75</plugin_detection_accuracy>
<plugin_comment>The NASL script is Copyright (C) 2004 George A. Theall</plugin_comment>
<bug_vulnerability_class>Missing Encryption</bug_vulnerability_class>
<bug_description>The remote host is running an IMAP daemon that allows cleartext logins over unencrypted connections. An attacker can uncover user names and  passwords by sniffing traffic to the IMAP daemon if a less secure authentication mechanism (eg, LOGIN command, AUTH=PLAIN, AUTH=LOGIN) is used.</bug_description>
<bug_solution>Contact your vendor for a fix or encrypt traffic with SSL / TLS using stunnel.</bug_solution>
<bug_fixing_time>Approx. 30 minutes</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_remote>Yes</bug_remote>
<bug_local>Yes</bug_local>
<bug_severity>Low</bug_severity>
<bug_popularity>6</bug_popularity>
<bug_simplicity>8</bug_simplicity>
<bug_impact>8</bug_impact>
<bug_risk>7</bug_risk>
<bug_nessus_risk>Low</bug_nessus_risk>
<bug_check_tool>Nessus can check this flaw with the plugin 15856 (IMAP Unencrypted Cleartext Logins).</bug_check_tool>
<source_osvdb_id>3119</source_osvdb_id>
<source_nessus_id>15856</source_nessus_id>
<source_literature>Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427</source_literature>
<source_misc>http://www.computec.ch</source_misc>

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -