[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability

Subject: Re: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
From: paul jacobs <paul@xxxxxxxxxxxxxxxxxx>
Date: Wed, 12 Mar 2003 09:30:32 -0800
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

At 08:48 AM 3/12/2003, you wrote:

On Wednesday, March 12, 2003, at 11:31 AM, Goade, Matthew forwarded frombugtraq:
I successfully managed to execute arbitrary code using the
'mdef'-command with the binary in the most recent debian-package
'qpopper-4.0.4-8'
Our Qube3 appears to be running qpopper-3.0.2. Are there (m)any RaQsrunning newer versions? How would we find out if it affects the older versions?
pjm


When do you think SUN Cobalt will have a fix for this one?.
Hopefully pkgmaster or solarspeed will have a fix sooner than SUN will.

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security


Best Regards,
Paul Jacobs / SR. Network Manager
Microsoft  MCP 2000 / Cisco Certified
Design / Install / Troubleshoot / Optimize /
Security of WANs / LANs / Data Recovery
Mon. - Fri. 9AM - 5PM (619)336-1400
http://www.adv-data.com

References:
- [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
  - From: Goade, Matthew
- Re: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
  - From: Parker Morse

Prev by Date: [cobalt-security] aliases.majordomo autorebuilt by root
Next by Date: RE: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
Previous by thread: Re: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
Next by thread: RE: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index