Back to search
CVE-2002-0925
Published: Aug 31, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
mmftpd-mmsyslog-format-string(9337)
vdb-entry
x_refsource_XF
http://mmondor.gobot.ca/software/linux/mmftpd-changelog.txt
x_refsource_CONFIRM
4990
vdb-entry
x_refsource_BID
mmmail-mmsyslog-format-string(9336)
vdb-entry
x_refsource_XF
20020612 [CERT-intexxia] mmmail POP3-SMTP Daemon Format String Vulnerability
mailing-list
x_refsource_BUGTRAQ
20020612 [CERT-intexxia] mmftpd FTP Daemon Format String Vulnerability
mailing-list
x_refsource_BUGTRAQ
4999
vdb-entry
x_refsource_BID
http://mmondor.gobot.ca/software/linux/mmmail-changelog.txt
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now