header-logo
Suggest Exploit
vendor:
VPOP3
by:
Unknown
7.5
CVSS
HIGH
Remote Denial of Service
400
CWE
Product Name: VPOP3
Affected Version From: VPOP3 2.0.0k
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:example:vpop3:2.0.0k
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Remote Denial of Service Vulnerability in VPOP3

The vulnerability in VPOP3 allows an attacker to perform a remote denial of service attack by sending a URI request with a large value for the 'msglistlen' parameter to the web mail interface.

Mitigation:

No known mitigation or remediation is available for this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10782/info

It is reported that VPOP3 is reported prone to a remote denial of service vulnerability. This issue presents itself when an attacker issues a URI request containing a large value for the 'msglistlen' parameter to the web mail interface.

VPOP3 2.0.0k is reported prone to this issue, however, it is likely that other versions are affected as well.

http://www.example.com:5108/messagelist.html?auth=MDA4MDA2MTQ6MTI3LjAuMC4xOmRpbWl0cmlz&msgliststart=0&msglistlen=10&sortfield=date&sortorder=A

Navigation

Suggest Exploit

Services By CQR