← back
CVE-2002-0925

CVE-2002-0925

EPSS 3.4%
Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-06/0095.htmlhttp://mmondor.gobot.ca/software/linux/mmftpd-changelog.txthttp://mmondor.gobot.ca/software/linux/mmmail-changelog.txthttp://online.securityfocus.com/archive/1/276523http://www.iss.net/security_center/static/9336.phphttp://www.iss.net/security_center/static/9337.phphttp://www.securityfocus.com/bid/4990http://www.securityfocus.com/bid/4999