CVE-2000-1198

moderate-risk

Published 2001-08-31

qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.

Do I need to act?

0.26% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

19869

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (2)

Qpopper

Affected Vendors

Qualcomm

References (6)

Mailing List http://marc.info/?l=bugtraq&m=95624629924545&w=2

Mailing List http://marc.info/?l=bugtraq&m=95634229925906&w=2

Broken Link http://www.securityfocus.com/bid/1132

Mailing List http://marc.info/?l=bugtraq&m=95624629924545&w=2

Mailing List http://marc.info/?l=bugtraq&m=95634229925906&w=2

Broken Link http://www.securityfocus.com/bid/1132

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 8/34 · Low

Exposure 7/34 · Low