| VID |
18032 |
| Severity |
30 |
| Port |
110 |
| Protocol |
TCP |
| Class |
Pop3 |
| Detailed Description |
The Qpopper version allows an attacker to create messages with spoofed headers via a buffer overflow attack. Qpopper is POP3 mail server distributed by Qualcomm for Unix systems.
Qpopper versions 2.53 and 3.0 are exposed to this vulnerability. These versions use the fgets() command to read message headers into a fixed 1024 byte input buffer and returns string in case either '\n' character received or 1023 bytes read. An attacker can overflow this buffer by using a message line that is 1023 characters long and ends in '\n' and create a message with spoofed or incorrect headers. This spoofed message is treated as an internal plaintext message, which is not scanned by virus checking software.
* References:
http://www.iss.net/security_center/static/4349.php
http://www.securityfocus.com/bid/1133 |
| Recommendation |
Upgrade to Qpopper version 3.0.1b2 or later, from the Qualcomm FTP site, "Qpopper software archive" at ftp://ftp.qualcomm.com/eudora/servers/unix/popper/ |
| Related URL |
CVE-2000-0320 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
