CVE-2001-1487

Qualcomm Qpopper <4.0 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1487. PoCs published by IhaQueR.

AI-analyzed exploit summary This exploit leverages a symlink vulnerability in Qpopper's popauth utility (CVE-2001-1487) to create a SUID shell for privilege escalation. It abuses the trace option to follow a malicious symlink and execute arbitrary commands, ultimately granting the attacker elevated privileges.

Description

popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by IhaQueR · bashremoteunix

https://www.exploit-db.com/exploits/21185

View Code ZIP pw:eip

This exploit leverages a symlink vulnerability in Qpopper's popauth utility (CVE-2001-1487) to create a SUID shell for privilege escalation. It abuses the trace option to follow a malicious symlink and execute arbitrary commands, ultimately granting the attacker elevated privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Qpopper (popauth utility)

No auth needed

Prerequisites: Access to a system with vulnerable Qpopper installation · popauth binary with setuid bit set

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/7707

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/246069

Scores

EPSS 0.0052

EPSS Percentile 40.1%

Details

Status published

Products (1)

qualcomm/qpopper < 4.0

Published Dec 31, 2001

Tracked Since Feb 18, 2026