Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0524

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0524
Last Modified 05 Sep 2008 04:38:39
Published 06 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0524

Summary

Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.

Vulnerable Systems


References

BID - 10166

BUGTRAQ - 20040427 Re: Squirrelmail Chpasswod bof

XF - squirrelmail-chpasswd-binary-bo(15889)

CONFIRM - http://www.squirrelmail.org/plugin_view.php?id=117

SECUNIA - 11415

BUGTRAQ - 20040417 Squirrelmail Chpasswod bof


Last Updated: 27 May 2016 10:38:38