From owner-freebsd-security Tue Jun 30 11:32:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA09309 for freebsd-security-outgoing; Tue, 30 Jun 1998 11:32:26 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mercury.jorsm.com (mercury.jorsm.com [207.112.128.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA09137; Tue, 30 Jun 1998 11:32:02 -0700 (PDT) (envelope-from jer@jorsm.com) Received: from localhost (jer@localhost) by mercury.jorsm.com (8.8.7/8.8.7) with SMTP id NAA08633; Tue, 30 Jun 1998 13:30:56 -0500 (CDT) Date: Tue, 30 Jun 1998 13:30:55 -0500 (CDT) From: Jeremy Shaffner To: Brian Somers cc: Sasha Egan , brian@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Remote exploit in qpopper. In-Reply-To: <199806300740.IAA11820@awfulhak.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There is also a new version released today from Qualcomm. 2.5 is patched against all known problems. ftp://ftp.qualcomm.com/eudora/servers/popper/. FWIW, I compiled the exploit (known as qpush or qpop) and tried it on an unpatched 2.41beta1. Although it did cause a overflow and popper exited with a signal 11, it did not provide a root shell. The author of this particular exploit (It's available on the bugtraq list or from rootshell) says that it only works on 2.2 or 2.41b1 and only on Linux systems. (The exploit itself can be run from any platform.) The patches that Jordan has made do work. You can get the new -current port and build that, or get 2.5 from qualcomm and build it yourself. On Tue, 30 Jun 1998, Brian Somers wrote: > > > > Hey Brian, > > I dunno if you have been watching some of the lists but there is some > > definate problems in Qualcom's popper... > [.....] > > Looks like I spoke too soon. A pile of patches have now been made to > popper :-) > > > Sasha Egan > > Belen Consolidated Schools > > Belen, NM > > (505) 861-4981 > > pager: (505) 875-8866 > > -- > Brian , , > > Don't _EVER_ lose your sense of humour.... > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -===================================================================- Jeremy Shaffner JORSM Internet Senior Technical Support Northwest Indiana's Premium jer@jorsm.com Internet Service Provider support@jorsm.com http://www.jorsm.com -===================================================================- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message