On Mon, 2 Feb 1998, Peter van Dijk wrote: > [attic bug report nr. 1] > > While fooling around a little with NIS/YP (didn't get it completely > working...) I ran into a bug in the imapd and ipop3d that come with > slackware 3.4 (if you install the pine package). > Earlier slackware versions will problably NOT suffer from this bug, > because they did not include shadowing. > > When fed an unknown username, imapd and ipop3d will dump core: > > [root@koek] /# telnet zopie 110 > Trying 10.10.13.1... > Connected to zopie.attic.vuurwerk.nl. > Escape character is '^]'. > +OK zopie.attic.vuurwerk.nl POP3 3.3(20) w/IMAP2 client (Comments to MRCat_private) at Sun, 1 Feb 1998 23:45:06 +0100 (CET) > user root > +OK User name accepted, password please > pass linux > [this is not the correct password] > -ERR Bad login > user john > [i have no user named john] > +OK User name accepted, password please > pass doe > Connection closed by foreign host. > This does not affect slackware 3.3 (which HAS shadow !!!!!). May be a bug in that version of ipop3d :( root@licj:~# tn licj 110 Trying 193.226.84.250... Connected to licj.soroscj.ro. Escape character is '^]'. +OK licj POP3 Server (Version 1.005h) ready at <Mon Feb 02 13:27:01 1998> user root +OK please send PASS command pass kaka -ERR invalid usercode or password, please try again user kkt +OK please send PASS command pass lksdghsql -ERR invalid usercode or password, please try again user raf +OK please send PASS command pass a;sdkljfh -ERR invalid usercode or password, please try again ........ and so on..... Radu-Adrian Feurdean
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:41:16 PDT