Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1558

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1558
Last Modified 05 Sep 2008 04:41:44
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1558

Summary

Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.

Vulnerable Systems

Application

  • Ypops 0.4

  • Ypops 0.4.1

  • Ypops 0.4.2

  • Ypops 0.4.3

  • Ypops 0.4.4

  • Ypops 0.4.5

  • Ypops 0.4.6

  • Ypops 0.5

  • Ypops 0.6


References

XF - ypops-smtp-bo(17518)

XF - ypops-pop3-bo(17515)

BID - 11256

MISC - http://www.hat-squad.com/en/000075.html

VIM - 20061020 vendor ACK for old YPOPs! issue

SECTRACK - 1011426

BUGTRAQ - 20040927 [Hat-Squad] Remote Buffer overflow Vulnerability in YahooPOPS

CONFIRM - http://dbeusee.home.comcast.net/history.html

OSVDB - 10367

OSVDB - 10366

SECUNIA - 12660


Last Updated: 27 May 2016 10:39:05