Lucene search

[email protected]CVE-2004-2375

HistoryAug 16, 2005 - 4:00 a.m.

CVE-2004-2375

2005-08-1604:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2375

buffer overflow

pop3 server

1st class mail server 4.0

denial of service

remote attackers

arbitrary code

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

High

0.227 Low

EPSS

Percentile

96.6%

JSON

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).

Affected configurations

NVD

Node

1st_class_internet_solutions1st_class_mail_serverMatch4.0

CPENameOperatorVersion
1st_class_internet_solutions:1st_class_mail_server1st class internet solutions 1st class mail servereq4.0

CPE	Name	Operator	Version
1st_class_internet_solutions:1st_class_mail_server	1st class internet solutions 1st class mail server	eq	4.0

References

secunia.com/advisories/11029

securitytracker.com/id?1009279

www.digiti.be/jeffosz/advisories/1stclasspop3.txt

www.osvdb.org/4129

www.securityfocus.com/bid/9794

www.zone-h.org/advisories/read/id=4047

exchange.xforce.ibmcloud.com/vulnerabilities/15314

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

High

0.227 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2004-2375

nvd1 cvelist1