Qualcomm: >> Qpopper >> 3.0 Security Vulnerabilities
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-12-31
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
CVSS Score
5.5
EPSS Score
0.003
Published
2001-08-31
Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n.
CVSS Score
5.0
EPSS Score
0.007
Published
2000-04-21
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-01-26
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
CVSS Score
10.0
EPSS Score
0.072
Published
1999-11-30