[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability

Subject: RE: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
From: webmaster <webmaster@xxxxxxxxx>
Date: Thu, 13 Mar 2003 15:59:59 -0600
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> -----Original Message-----
> From: Parker Morse [mailto:morse@xxxxxxxxxxx]
> Sent: Wednesday, March 12, 2003 10:48 AM
> To: cobalt-security@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-security] QPopper 4.0.x buffer overflow
> vulnerability
> 
> 
> On Wednesday, March 12, 2003, at 11:31  AM, Goade, Matthew 
> forwarded from 
> bugtraq:
> > I successfully managed to execute arbitrary code using the
> > 'mdef'-command with the binary in the most recent debian-package
> > 'qpopper-4.0.4-8'
> 
> Our Qube3 appears to be running qpopper-3.0.2. Are there (m)any RaQs 
> running newer versions? How would we find out if it affects the older 
> versions?
> 
> pjm
> 

Has anyone confirmed that the RAQ2's are or are not affected by this vuln?
What about a 4.0.4+ package for the MIPS guys?

Prev by Date: Re: [cobalt-security] RaQ3/RaQ4 Qpopper-4.0.5fc2 PKG released
Next by Date: [cobalt-security] Problem Upgrading RAQ3 with OS Update 5.0. help needed
Previous by thread: RE: [cobalt-security] QPopper 4.0.x buffer overflow vulnerability
Next by thread: [cobalt-security] aliases.majordomo autorebuilt by root

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index