| VID |
18089 |
| Severity |
30 |
| Port |
110 |
| Protocol |
TCP |
| Class |
POP3 |
| Detailed Description |
The Qpopper POP3 server, according to its banner, has two insecure file handling vulnerabilities. Qpopper is a free available POP3 mail server for Unix systems, is distributed by Qualcomm. Qpopper version 4.0.5 and earlier versions are vulnerable to two local, insecure file handling vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges:
1) An error where user supplied config and trace files are processed with escalated privileges, can be exploited to create or overwrite arbitrary files.
2) An unspecified error can be exploited to create group or world-writable files.
* Note: This check solely relied on the banner of the remote POP3 server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/15475/
http://archives.neohapsis.com/archives/bugtraq/2005-05/0293.html
* Platforms Affected:
Qualcomm, Qpopper version 4.0.5 and earlier versions
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Qpopper (4.0.6 or later), available from the Qualcomm Web site at http://www.eudora.com/qpopper/
For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest version of qpopper (4.0.4-2.woody or later), as listed in Debian Security Advisory DSA-728-1 at http://www.debian.org/security/2005/dsa-728
For SuSE Linux:
Apply the appropriate fixed packages via the SuSE FTP server or the YaST Online Update, as listed in SuSE Security Summary Report SUSE-SR:2005:014 at http://www.novell.com/linux/security/advisories/2005_14_sr.html |
| Related URL |
CVE-2005-1151,CVE-2005-1152 (CVE) |
| Related URL |
13714 (SecurityFocus) |
| Related URL |
20760,20762 (ISS) |
|
