Bugtraq mailing list archives
RE: QPopper 4.0.x buffer overflow vulnerability
From: "Jonathan A. Zdziarski" <jonathan () networkdweebs com>
Date: Wed, 12 Mar 2003 12:03:29 -0500
Chrooting qpopper is also a good workaround, as well as good practice. Instructions can be found at http://www.networkdweebs.com/chroot.html
-----Original Message----- From: Jaroslaw Zachwieja [mailto:grok () tnt pl] Sent: Wednesday, March 12, 2003 8:20 AM To: bugtraq () securityfocus com Subject: Re: QPopper 4.0.x buffer overflow vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On pon 10. marca 2003 14:31, Florian Heinz wrote:http://nstx.dereference.de/snippets/qex.c Feedback is welcome.Enforcing TLS/SSL is a temprorary workaround against script-kiddies - exploit (out-of-the-box) will not be able to authenticate. (there is a user foobar, with passwd "lalala" on the system) $ ./qex rootbox foobar lalala Phase 1: Seeking buffer size Connecting to xxx.xxx.xxx.xxx... Logging in... Could not log in. Did you provide a valid username/password-combination? Exiting due to error... that's becouse: $ telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK ready user foobar - -ERR [AUTH] You must use TLS/SSL or stronger authentication such as APOP to connect to this server quit Not a fix, but who sends plaintext passwords anyway :) Unfortunately, I must assume, that at some point some "friendly" soul will equip qex with TLS/SSL. What is the vendor response on that? - -- grok GPG public key at http://www.keyserver.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+bzP3ANulANzEW40RArDsAJ43VBZhYJXdhWsyGXT59LfwbJkH8wCgs+FW 8g4LLzXZ/D71rkaVjDRBR0c= =CVSC -----END PGP SIGNATURE-----
Current thread:
- QPopper 4.0.x buffer overflow vulnerability Florian Heinz (Mar 11)
- Re: QPopper 4.0.x buffer overflow vulnerability Torsten Mueller (Mar 12)
- Re: QPopper 4.0.x buffer overflow vulnerability Florian Heinz (Mar 12)
- Re: QPopper 4.0.x buffer overflow vulnerability Randall Gellens (Mar 12)
- Re: QPopper 4.0.x buffer overflow vulnerability Florian Heinz (Mar 12)
- Re: QPopper 4.0.x buffer overflow vulnerability Harald Hellmuth (Mar 13)
- Re: QPopper 4.0.x buffer overflow vulnerability Jaroslaw Zachwieja (Mar 12)
- RE: QPopper 4.0.x buffer overflow vulnerability Jonathan A. Zdziarski (Mar 12)
- <Possible follow-ups>
- Re: QPopper 4.0.x buffer overflow vulnerability Jonas Frey (Mar 11)
- Re: QPopper 4.0.x buffer overflow vulnerability Torsten Mueller (Mar 12)