CyberSec.Space Logo
Back to CVE Browser

CVE-2003-0143

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile6.19th
PublishedMar 18, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.

Affected Platforms (CPE)

πŸ“¦
Qualcomm

Qpopper

= 4.0.1
πŸ“¦
Qualcomm

Qpopper

= 4.0.2
πŸ“¦
Qualcomm

Qpopper

= 4.0.3
πŸ“¦
Qualcomm

Qpopper

= 4.0.4

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=104739841223916&w=2
πŸ”— http://marc.info/?l=bugtraq&m=104748775900481&w=2
πŸ”— http://marc.info/?l=bugtraq&m=104768137314397&w=2
πŸ”— http://marc.info/?l=bugtraq&m=104792541215354&w=2
πŸ”— http://www.debian.org/security/2003/dsa-259
πŸ”— http://www.novell.com/linux/security/advisories/2003_018_qpopper.html
πŸ”— http://www.securityfocus.com/bid/7058
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/11516

Related Vulnerabilities

CVE-2001-104610.0

Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username.

CVE-1999-082210.0

Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.

CVE-1999-00069.8

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS comma...

CVE-2000-04427.5

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by ...