Vulnerability Details CVE-2004-2375
Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/11029
- http://securitytracker.com/id?1009279
- http://www.digiti.be/jeffosz/advisories/1stclasspop3.txt
- http://www.osvdb.org/4129
- http://www.securityfocus.com/bid/9794
- http://www.zone-h.org/advisories/read/id=4047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15314
- http://secunia.com/advisories/11029
- http://securitytracker.com/id?1009279
- http://www.digiti.be/jeffosz/advisories/1stclasspop3.txt
- http://www.osvdb.org/4129
- http://www.securityfocus.com/bid/9794
- http://www.zone-h.org/advisories/read/id=4047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15314
Products affected by CVE-2004-2375
-
cpe:2.3:a:1st_class_internet_solutions:1st_class_mail_server:4.0