CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0442

HIGH
7.5
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile42.49th
PublishedMay 24, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.

Affected Platforms (CPE)

πŸ“¦
Qualcomm

Qpopper

= 2.52
πŸ“¦
Qualcomm

Qpopper

= 2.53
πŸ”Œ
Sun

Cobalt Raq 2

All versions
πŸ”Œ
Sun

Cobalt Raq 3i

All versions

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-05/0267.html
πŸ”— http://www.novell.com/linux/security/advisories/suse_security_announce_51.html
πŸ”— http://www.securityfocus.com/bid/1242
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-05/0267.html
πŸ”— http://www.novell.com/linux/security/advisories/suse_security_announce_51.html
πŸ”— http://www.securityfocus.com/bid/1242

Related Vulnerabilities

CVE-2001-104610.0

Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username.

CVE-2003-014310.0

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which c...

CVE-1999-082210.0

Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.

CVE-1999-00069.8

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS comma...