CVE-2004-2239: Buffer Overflow
First published: Fri Dec 31 2004(Updated: )
Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Inter7 Vpopmail Vchkpw | =3.4.11e | |
| Inter7 Vpopmail Vchkpw | =3.4.1 | |
| Inter7 Vpopmail Vchkpw | =5.2.1 | |
| Inter7 Vpopmail Vchkpw | =4.9.10 | |
| Inter7 Vpopmail Vchkpw | =5.3.30 | |
| Inter7 Vpopmail Vchkpw | =3.4.6 | |
| Inter7 Vpopmail Vchkpw | =3.4.11 | |
| Inter7 Vpopmail Vchkpw | =3.4.2 | |
| Inter7 Vpopmail Vchkpw | =4.10 | |
| Inter7 Vpopmail Vchkpw | =3.4.10 | |
| Inter7 Vpopmail Vchkpw | =4.9 | |
| Inter7 Vpopmail Vchkpw | =3.4.8 | |
| Inter7 Vpopmail Vchkpw | =4.6 | |
| Inter7 Vpopmail Vchkpw | =5.3.28 | |
| Inter7 Vpopmail Vchkpw | =5.3.27 | |
| Inter7 Vpopmail Vchkpw | =5.3.22 | |
| Inter7 Vpopmail Vchkpw | =5.3.21 | |
| Inter7 Vpopmail Vchkpw | =5.3.26 | |
| Inter7 Vpopmail Vchkpw | =5.4 | |
| Inter7 Vpopmail Vchkpw | =3.4.5 | |
| Inter7 Vpopmail Vchkpw | =4.7 | |
| Inter7 Vpopmail Vchkpw | =3.4.9 | |
| Inter7 Vpopmail Vchkpw | =5.3.29 | |
| Inter7 Vpopmail Vchkpw | =3.4.7 | |
| Inter7 Vpopmail Vchkpw | =5.4.1 | |
| Inter7 Vpopmail Vchkpw | =5.3.24 | |
| Inter7 Vpopmail Vchkpw | =5.3.23 | |
| Inter7 Vpopmail Vchkpw | =5.3.25 | |
| Inter7 Vpopmail Vchkpw | =3.4.3 | |
| Inter7 Vpopmail Vchkpw | =4.8 | |
| Inter7 Vpopmail Vchkpw | =5.3.20 | |
| Inter7 Vpopmail Vchkpw | =3.4.4 | |
| Inter7 Vpopmail Vchkpw | =5.4.2 | |
| Inter7 Vpopmail Vchkpw | =4.5 | |
| Inter7 Vpopmail Vchkpw | =5.2.2 | |
| Inter7 Vpopmail Vchkpw | =3.4.1 | |
| Inter7 Vpopmail Vchkpw | =3.4.2 | |
| Inter7 Vpopmail Vchkpw | =3.4.3 | |
| Inter7 Vpopmail Vchkpw | =3.4.4 | |
| Inter7 Vpopmail Vchkpw | =3.4.5 | |
| Inter7 Vpopmail Vchkpw | =3.4.6 | |
| Inter7 Vpopmail Vchkpw | =3.4.7 | |
| Inter7 Vpopmail Vchkpw | =3.4.8 | |
| Inter7 Vpopmail Vchkpw | =3.4.9 | |
| Inter7 Vpopmail Vchkpw | =3.4.10 | |
| Inter7 Vpopmail Vchkpw | =3.4.11 | |
| Inter7 Vpopmail Vchkpw | =3.4.11e | |
| Inter7 Vpopmail Vchkpw | =4.5 | |
| Inter7 Vpopmail Vchkpw | =4.6 | |
| Inter7 Vpopmail Vchkpw | =4.7 | |
| Inter7 Vpopmail Vchkpw | =4.8 | |
| Inter7 Vpopmail Vchkpw | =4.9 | |
| Inter7 Vpopmail Vchkpw | =4.9.10 | |
| Inter7 Vpopmail Vchkpw | =4.10 | |
| Inter7 Vpopmail Vchkpw | =5.2.1 | |
| Inter7 Vpopmail Vchkpw | =5.2.2 | |
| Inter7 Vpopmail Vchkpw | =5.3.20 | |
| Inter7 Vpopmail Vchkpw | =5.3.21 | |
| Inter7 Vpopmail Vchkpw | =5.3.22 | |
| Inter7 Vpopmail Vchkpw | =5.3.23 | |
| Inter7 Vpopmail Vchkpw | =5.3.24 | |
| Inter7 Vpopmail Vchkpw | =5.3.25 | |
| Inter7 Vpopmail Vchkpw | =5.3.26 | |
| Inter7 Vpopmail Vchkpw | =5.3.27 | |
| Inter7 Vpopmail Vchkpw | =5.3.28 | |
| Inter7 Vpopmail Vchkpw | =5.3.29 | |
| Inter7 Vpopmail Vchkpw | =5.3.30 | |
| Inter7 Vpopmail Vchkpw | =5.4 | |
| Inter7 Vpopmail Vchkpw | =5.4.1 | |
| Inter7 Vpopmail Vchkpw | =5.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2004-08/0226.html
- http://archives.neohapsis.com/archives/bugtraq/2004-08/0264.html
- http://archives.neohapsis.com/archives/bugtraq/2004-08/0286.html
- http://www.securityfocus.com/bid/10962
- http://www.osvdb.org/9146
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17016
Frequently Asked Questions
What is the severity of CVE-2004-2239?
CVE-2004-2239 is classified as a buffer overflow vulnerability that may allow attackers to execute arbitrary code or induce a denial of service.
How do I fix CVE-2004-2239?
To fix CVE-2004-2239, it is recommended to upgrade to a version of vpopmail that is newer than 5.4.2.
Which versions are affected by CVE-2004-2239?
CVE-2004-2239 affects vpopmail versions 5.4.2 and earlier.
What kind of attack can occur due to CVE-2004-2239?
CVE-2004-2239 can allow attackers to exploit the vulnerability to execute malicious code or disrupt service.
Is there a way to mitigate CVE-2004-2239 without upgrading?
While upgrading is the primary solution, implementing network-level protections or access controls may help mitigate the risk of CVE-2004-2239.
- agent/references
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/inter7
- canonical/inter7 vpopmail vchkpw
- version/inter7 vpopmail vchkpw/3.4.11e
- version/inter7 vpopmail vchkpw/3.4.1
- version/inter7 vpopmail vchkpw/5.2.1
- version/inter7 vpopmail vchkpw/4.9.10
- version/inter7 vpopmail vchkpw/5.3.30
- version/inter7 vpopmail vchkpw/3.4.6
- version/inter7 vpopmail vchkpw/3.4.11
- version/inter7 vpopmail vchkpw/3.4.2
- version/inter7 vpopmail vchkpw/4.10
- version/inter7 vpopmail vchkpw/3.4.10
- version/inter7 vpopmail vchkpw/4.9
- version/inter7 vpopmail vchkpw/3.4.8
- version/inter7 vpopmail vchkpw/4.6
- version/inter7 vpopmail vchkpw/5.3.28
- version/inter7 vpopmail vchkpw/5.3.27
- version/inter7 vpopmail vchkpw/5.3.22
- version/inter7 vpopmail vchkpw/5.3.21
- version/inter7 vpopmail vchkpw/5.3.26
- version/inter7 vpopmail vchkpw/5.4
- version/inter7 vpopmail vchkpw/3.4.5
- version/inter7 vpopmail vchkpw/4.7
- version/inter7 vpopmail vchkpw/3.4.9
- version/inter7 vpopmail vchkpw/5.3.29
- version/inter7 vpopmail vchkpw/3.4.7
- version/inter7 vpopmail vchkpw/5.4.1
- version/inter7 vpopmail vchkpw/5.3.24
- version/inter7 vpopmail vchkpw/5.3.23
- version/inter7 vpopmail vchkpw/5.3.25
- version/inter7 vpopmail vchkpw/3.4.3
- version/inter7 vpopmail vchkpw/4.8
- version/inter7 vpopmail vchkpw/5.3.20
- version/inter7 vpopmail vchkpw/3.4.4
- version/inter7 vpopmail vchkpw/5.4.2
- version/inter7 vpopmail vchkpw/4.5
- version/inter7 vpopmail vchkpw/5.2.2