Lucene search

[email protected]CVE-2004-2460

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2460

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2460

vulnerability

pop3

gnubiff

denial of service

nvd

6.9 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.1%

JSON

Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an “infinite” Unique IDentification Listing (UIDL) list.

CPENameOperatorVersion
gnu:gnubiffgnu gnubiffeq1.2.0
gnu:gnubiffgnu gnubiffeq1.0.6
gnu:gnubiffgnu gnubiffeq1.0.7
gnu:gnubiffgnu gnubiffeq1.0.5
gnu:gnubiffgnu gnubiffeq1.0.3
gnu:gnubiffgnu gnubiffeq1.4.0
gnu:gnubiffgnu gnubiffeq1.0.10
gnu:gnubiffgnu gnubiffeq1.0.9
gnu:gnubiffgnu gnubiffeq1.0.8
gnu:gnubiffgnu gnubiffeq1.0.4

CPE	Name	Operator	Version
gnu:gnubiff	gnu gnubiff	eq	1.2.0
gnu:gnubiff	gnu gnubiff	eq	1.0.6
gnu:gnubiff	gnu gnubiff	eq	1.0.7
gnu:gnubiff	gnu gnubiff	eq	1.0.5
gnu:gnubiff	gnu gnubiff	eq	1.0.3
gnu:gnubiff	gnu gnubiff	eq	1.4.0
gnu:gnubiff	gnu gnubiff	eq	1.0.10
gnu:gnubiff	gnu gnubiff	eq	1.0.9
gnu:gnubiff	gnu gnubiff	eq	1.0.8
gnu:gnubiff	gnu gnubiff	eq	1.0.4

References

gnubiff.sourceforge.net/changelog.php

secunia.com/advisories/12445

www.osvdb.org/9731

www.securityfocus.com/bid/11123

exchange.xforce.ibmcloud.com/vulnerabilities/17282

6.9 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.1%

JSON

Related for CVE-2004-2460

debiancve1