| VID |
18049 |
| Severity |
40 |
| Port |
110 |
| Protocol |
TCP |
| Class |
POP3 |
| Detailed Description |
The Qpopper POP3 server, according to its banner, may have a buffer overflow vulnerability.
The pop_msg function in Qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf. The security vulnerability occurs when calling the 'mdef' command and a malicious macro name is supplied. This flaw could allow authenticated users to execute arbitrary code with the privileges of the Qpopper service.
* Note: This check solely relied on the banner of the remote Qpopper server to assess this vulnerability, so this might be a false positive.
* References:
http://marc.theaimsgroup.com/?l=bugtraq&m=104739841223916&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=104748775900481&w=2
http://www.debian.org/security/2003/dsa-259
http://marc.theaimsgroup.com/?l=bugtraq&m=104768137314397&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=104792541215354&w=2
* Platforms Affected:
Qpopper version 4.0.4 and earlier |
| Recommendation |
Upgrade to the latest version of Qpopper (4.0.5fc2 or later), available from the Qualcomm Qpopper ftp site, ftp://ftp.qualcomm.com/eudora/servers/unix/popper/beta/
For Debian GNU/Linux 3.0:
Upgrade to the latest version of Qpopper (4.0.4-9 or later), as listed in Debian Security Advisory DSA-259-1, http://www.debian.org/security/2003/dsa-259
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2003-0143 (CVE) |
| Related URL |
7058 (SecurityFocus) |
| Related URL |
(ISS) |
|
