Inter7: >> Vpopmail (Vchkpw) Security Vulnerabilities
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
CVSS Score
7.5
EPSS Score
0.012
Published
2006-05-12
Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability
CVSS Score
5.0
EPSS Score
0.006
Published
2004-12-31
Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.009
Published
2004-12-31