MidnightBSD

Advisories for krzysztof_dabrowski

CVE-2000-0990 HIGH

cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
krzysztof_dabrowski cmd5checkpw 0.21
krzysztof_dabrowski cmd5checkpw 0.20
CVE-2005-0580 LOW

cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
krzysztof_dabrowski cmd5checkpw 0.21
krzysztof_dabrowski cmd5checkpw 0.22
krzysztof_dabrowski cmd5checkpw 0.20