[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: what's up with security?

On Thu, May 25, 2000 at 11:13:38AM +0200, Miquel van Smoorenburg wrote:
> According to Petr Cech:
> > On Wed, May 24, 2000 at 11:27:24PM -0700 , Joey Hess wrote:
> > qpopper is safe IIRC recent discusion. or the fix shold be installed yesterday
> > Should this go to slink also?
> The qpopper bug is not very serious. It makes it possible to send fake
> emails to someone, even if that person has heavy filtering (for example,
> a copy of the ILOVEYOU virus). That is all. There is no shell- or root
> exploit involved.

there is another bug in qpopper 2.53 discussed on bugtraq where it is
possible to get a gid=mail shell.  i think this is new and unrelated
to the last one.  i don't service pop3 so i did not keep really close
track of the latest problems in qpopper...

Ethan Benson

Attachment: pgpaGKSBcXw2W.pgp
Description: PGP signature

Reply to: