← CVECheck
HomeVulnerabilities

CVE-2000-0583 — MEDIUM severity vulnerability (vchkpw program in vpopmail before version 4.8 does not prope)

vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.

CVE IDCVE-2000-0583
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2000-06-30
Last modified2026-04-16
Descriptionvchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →