| Vulnerability Name: | CVE-2000-1198 (CCN-4335) | ||||||||
| Assigned: | 2000-04-24 | ||||||||
| Published: | 2000-04-24 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-00:15 imap-uw allows local users to deny service to any mailbox Source: CCN Type: BugTraq Mailing List, Wed Apr 19 2000 - 19:54:04 CDT pop3d/imap DOS (while we're on the subject) Source: CCN Type: BugTraq Mailing List, Thu Apr 20 2000 - 11:23:28 CDT pop3 Source: MITRE Type: CNA CVE-2000-1197 Source: MITRE Type: CNA CVE-2000-1198 Source: BUGTRAQ Type: UNKNOWN 20000420 pop3d/imap DOS (while we're on the subject) Source: BUGTRAQ Type: UNKNOWN 20000420 pop3 Source: CCN Type: OSVDB ID: 12484 Qpopper Lock File Symlink Local DoS Source: CCN Type: OSVDB ID: 6010 imap-uw IMAP Package POP Predictable Lock File DoS Source: BID Type: UNKNOWN 1132 Source: CCN Type: BID-1132 Multiple Vendor popd Lock File Denial of Service Vulnerability Source: XF Type: UNKNOWN pop-predictable-lockfile(4335) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||