CVE-2003-0143 — CVSS 10.0 (critical): The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could…
CVE-2001-1046 — CVSS 10.0 (critical): Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username.
CVE-1999-0006 — CVSS 9.8 (critical): Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
CVE-2000-0442 — CVSS 7.5 (high): Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl…
CVE-2000-0096 — CVSS 7.2 (high): Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
CVE-2000-1198 — CVSS 5.5 (medium): qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack…
CVE-2001-1068 — CVSS 5.0 (medium): qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided…
CVE-2000-0320 — CVSS 5.0 (medium): Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to…
CVE-2002-0454 — CVSS 5.0 (medium): Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very…
CVE-2002-0889 — CVSS 4.6 (medium): Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code…
CVE-2001-1487 — CVSS 4.6 (medium): popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user…
CVE-2005-3098 — CVSS 4.6 (medium): poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line…
CVE-2003-1452 — CVSS 3.6 (low): Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH…