Cmd5checkpw
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0580 | 0.00 | — | 0.00 | Feb 25, 2005 | cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file. | |||
| CVE-2000-0990 | 0.00 | — | 0.01 | Dec 19, 2000 | cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username. |
- CVE-2005-0580Feb 25, 2005risk 0.00cvss —epss 0.00
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file.
- CVE-2000-0990Dec 19, 2000risk 0.00cvss —epss 0.01
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username.