CyberSec.Space Logo
返回 CVE 浏览器

CVE-2000-0091

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile4.39th
Published2000年1月21日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.

Affected Platforms (CPE)

📦
Inter7

Vpopmail

= vchkpw_3.4.1
📦
Inter7

Vpopmail

= vchkpw_3.4.2
📦
Inter7

Vpopmail

= vchkpw_3.4.3
📦
Inter7

Vpopmail

= vchkpw_3.4.4
📦
Inter7

Vpopmail

= vchkpw_3.4.5
📦
Inter7

Vpopmail

= vchkpw_3.4.6
📦
Inter7

Vpopmail

= vchkpw_3.4.7
📦
Inter7

Vpopmail

= vchkpw_3.4.8
📦
Inter7

Vpopmail

= vchkpw_3.4.9
📦
Inter7

Vpopmail

= vchkpw_3.4.11

References & Advisories

🔗 http://www.inter7.com/vpopmail/
🔗 http://www.inter7.com/vpopmail/ChangeLog
🔗 http://www.securityfocus.com/bid/942
🔗 http://www.inter7.com/vpopmail/
🔗 http://www.inter7.com/vpopmail/ChangeLog
🔗 http://www.securityfocus.com/bid/942

相关漏洞威胁

CVE-2006-23467.5

vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not ...

CVE-2004-22397.5

Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary...

CVE-2006-24475.1

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary c...

CVE-2004-22385.0

Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup...