From owner-freebsd-security Mon May 15 7:28:33 2000 Delivered-To: freebsd-security@freebsd.org Received: from shell.telemere.net (shell.telemere.net [63.224.9.3]) by hub.freebsd.org (Postfix) with ESMTP id 18CAD37B5B2 for ; Mon, 15 May 2000 07:28:30 -0700 (PDT) (envelope-from visigoth@telemere.net) Received: by shell.telemere.net (Postfix, from userid 1001) id E44D170601; Mon, 15 May 2000 09:27:40 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by shell.telemere.net (Postfix) with ESMTP id E0D296C807 for ; Mon, 15 May 2000 09:27:40 -0500 (CDT) Date: Mon, 15 May 2000 09:27:40 -0500 (CDT) From: Visigoth To: freebsd-security@freebsd.org Subject: qpopper discussion on BUGTRAQ Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greetings all... I was just curious as to what the freebsd stance on the possible qpopper-2.53 vuln as is being discussed on BUGTRAQ. Has this vuln been tested with the freebsd port? Are there known issues? I am going to (hopefully) be taking a look at the "exploitability" of the freebsd port for qpopper-2.53 but I was wondering if someone had already done all the work. I under stand that the exploit posted on bugtraq would need to be modified, but I am wondering if the security/ports team have taken care of the offending piece of code already (which is so often the case)... Even just a "Blah Blah Blah, NOT vulnerable" would be kewl... Thanks Visigoth Damieon Stark Sr. Unix Systems Administrator visigoth@telemere.net ____________________________________________________________________________ | - M$ Win 2K was built for the internet. | - Unix _BUILT_ the internet. | FreeBSD - The POWER to serve | http://www.freebsd.org your call... | | ---------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message