Inter7: >> Vpopmail Vchkpw >> 4.5 Security Vulnerabilities
vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.
CVSS Score
5.0
EPSS Score
0.007
Published
2000-06-30