CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0524

Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.5%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=108222863917958&w=2
http://marc.info/?l=bugtraq&m=108311782032370&w=2
http://secunia.com/advisories/11415
http://www.securityfocus.com/bid/10166
http://www.squirrelmail.org/plugin_view.php?id=117
https://exchange.xforce.ibmcloud.com/vulnerabilities/15889
http://marc.info/?l=bugtraq&m=108222863917958&w=2
http://marc.info/?l=bugtraq&m=108311782032370&w=2
http://secunia.com/advisories/11415
http://www.securityfocus.com/bid/10166
http://www.squirrelmail.org/plugin_view.php?id=117
https://exchange.xforce.ibmcloud.com/vulnerabilities/15889

Products affected by CVE-2004-0524

Thiago Melo De Paula » Change Passwd » Version: 3.1.1.2.8

cpe:2.3:a:thiago_melo_de_paula:change_passwd:3.1.1.2.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0524

Products

Pricing

Contact Us