CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0091

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile4.39th
PublishedJan 21, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.

Affected Platforms (CPE)

πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.1
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.2
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.3
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.4
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.5
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.6
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.7
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.8
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.9
πŸ“¦
Inter7

Vpopmail

= vchkpw_3.4.11

References & Advisories

πŸ”— http://www.inter7.com/vpopmail/
πŸ”— http://www.inter7.com/vpopmail/ChangeLog
πŸ”— http://www.securityfocus.com/bid/942
πŸ”— http://www.inter7.com/vpopmail/
πŸ”— http://www.inter7.com/vpopmail/ChangeLog
πŸ”— http://www.securityfocus.com/bid/942

Related Vulnerabilities

CVE-2006-23467.5

vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not ...

CVE-2004-22397.5

Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary...

CVE-2006-24475.1

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary c...

CVE-2004-22385.0

Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup...