[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Urgent: Potato Qpopper root explotable.

Rodney Caston wrote:
> The package maintainer of "qpopper" needs to update the qpopper to the
> newest version, the current one in the potato build is root exploitable.

I don't think it is. The current version of qpopper in potato is 2.53.

Now have a look at the advisory:

Vulnerable versions are all versions of qpop 3.0b, affected operating
systems are _all_ systems that run it. Versions 2.52 and 2.53 do not contain
this bug. The latest version available is 3.0b20, which is vulnerable, along
with all previous 3.0 versions.

So I don't know if you tried the particular sploit and concluded you gained
remote root?  


Reply to: