CVE-2002-0925

CVE-2002-0925 concerns a format-string vulnerability in the mmsyslog function that allows remote code execution. The vulnerability is triggered via specific commands: (1) USER to mmpop3d for mmmail <= 0.0.13, (2) HELO to mmsmtpd for mmmail <= 0.0.13, or (3) USER to mmftpd

[CERT-intexxia] mmmail POP3-SMTP Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 04 06 2002 ID 1054-040602 TITLE : mmmail POP3-SMTP Daemon Format String Vulnerability CREDITS : Guillaume Pelat / INTEXXIA SYSTEM AFFECTED =============== mmmail = 0.0.13 mmpop3d & mmsmtpd DESCRIPTION =========== "mmmail...