Chrooting qpopper is also a good workaround, as well as good practice. Instructions can be found at http://www.networkdweebs.com/chroot.html > -----Original Message----- > From: Jaroslaw Zachwieja [mailto:grok@tnt.pl] > Sent: Wednesday, March 12, 2003 8:20 AM > To: bugtraq@securityfocus.com > Subject: Re: QPopper 4.0.x buffer overflow vulnerability > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On pon 10. marca 2003 14:31, Florian Heinz wrote: > > > http://nstx.dereference.de/snippets/qex.c > > Feedback is welcome. > > Enforcing TLS/SSL is a temprorary workaround against script-kiddies - > exploit (out-of-the-box) will not be able to authenticate. > > (there is a user foobar, with passwd "lalala" on the system) > > $ ./qex rootbox foobar lalala > Phase 1: Seeking buffer size > Connecting to xxx.xxx.xxx.xxx... Logging in... Could not log in. Did you > provide a valid username/password-combination? > Exiting due to error... > > that's becouse: > > $ telnet 0 110 > Trying 0.0.0.0... > Connected to 0. > Escape character is '^]'. > +OK ready > user foobar > - -ERR [AUTH] You must use TLS/SSL or stronger authentication such as APOP > to > connect to this server > quit > > Not a fix, but who sends plaintext passwords anyway :) Unfortunately, I > must assume, that at some point some "friendly" soul will equip qex with > TLS/SSL. > > What is the vendor response on that? > - -- > grok > > GPG public key at http://www.keyserver.net > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQE+bzP3ANulANzEW40RArDsAJ43VBZhYJXdhWsyGXT59LfwbJkH8wCgs+FW > 8g4LLzXZ/D71rkaVjDRBR0c= > =CVSC > -----END PGP SIGNATURE----- > >
