CVE-2000-1198
MEDIUMQualcomm qpopper - Denial of Service via Predictable Lock File Names
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-1198. PoCs published by Alex Mottram.
AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in POP3 daemons like Qualcomm's qpopper and RedHat's imap-4 popd by creating lock files that prevent users from accessing their mail. The PoC uses the 'touch' command to create a lock file in the mail spool directory.
Description
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
Exploits (1)
This exploit demonstrates a denial-of-service (DoS) vulnerability in POP3 daemons like Qualcomm's qpopper and RedHat's imap-4 popd by creating lock files that prevent users from accessing their mail. The PoC uses the 'touch' command to create a lock file in the mail spool directory.
References (3)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H