Back to CVE Browser

CVE-1999-0006

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1680%

EPSS Percentile8.69th

PublishedJul 14, 1998

Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

Affected Platforms (CPE)

📦

Qualcomm

Qpopper

= 2.4

References & Advisories

🔗 ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I

🔗 http://www.securityfocus.com/bid/133

🔗 ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I

🔗 http://www.securityfocus.com/bid/133

Related Vulnerabilities

CVE-2003-014310.0

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which c...

CVE-2001-104610.0

Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username.

CVE-1999-082210.0

Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.

CVE-2000-04427.5

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by ...