Where these buffer overflows and "other uses of '%s'" that were repaired only in qpopper 3.x? Are those of us running 2.53 not affected? Or do we need to upgrade? Rich On Wed, 1 Dec 1999, Qpopper Support wrote: > All reported buffer overruns are fixed in qpopper3.0b22, which is > available at <ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>. > > In addition, other users of '%s' were examined and limited applied to > some which could theoretically cause a crash. > > > Message-ID: <Pine.LNX.4.10.9911301500310.26891-200000at_private> > > Date: Tue, 30 Nov 1999 15:25:25 -0500 > > Reply-To: Lucid Solutions <lucidat_private> > > Sender: Bugtraq List <BUGTRAQat_private> > > From: Lucid Solutions <lucidat_private> > > Subject: qpop3.0b20 and below - notes and exploit > > > > I found this overflow myself earlier this month. Seems someone > > else recently found it before Qualcomm was able to issue a patch. The 2.x > > series is not vunlnerable because AUTH is not yet supported and the error > > returned by attempting to use AUTH does not call pop_msg() with any user > > input. > > > > There is also another overflow besides the AUTH overflow which can > > occur if a valid username and password are first entered also occuring in > > pop_msg(). > > pop_get_subcommand.c contains this line near the bottom in qpopper3.0b20: > > pop_msg(p,POP_FAILURE, > > "Unknown command: \"%s %s\".",p->pop_command,p->pop_subcommand); > > > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:21:36 PDT