Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2238

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2238
Last Modified 05 Sep 2008 04:43:34
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2238

Summary

** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability.

Vulnerable Systems


References

BID - 10962

OSVDB - 9147

XF - vpopmail-vsybase-format-string(17017)

BUGTRAQ - 20040819 [Fwd: Re: [vchkpw] vpopmail <= 5.4.2 (sybase vulnerability) (fwd)]

BUGTRAQ - 20040818 [2Cents on] vpopmail <= 5.4.2 (sybase vulnerability)

BUGTRAQ - 20040817 vpopmail <= 5.4.2 (sybase vulnerability)


Last Updated: 27 May 2016 10:39:24