From owner-freebsd-security Tue Jun 30 14:02:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA04395 for freebsd-security-outgoing; Tue, 30 Jun 1998 14:02:30 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mercury.jorsm.com (mercury.jorsm.com [207.112.128.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA04295; Tue, 30 Jun 1998 14:01:32 -0700 (PDT) (envelope-from jer@jorsm.com) Received: from localhost (jer@localhost) by mercury.jorsm.com (8.8.7/8.8.7) with SMTP id QAA16663; Tue, 30 Jun 1998 16:01:17 -0500 (CDT) Date: Tue, 30 Jun 1998 16:01:16 -0500 (CDT) From: Jeremy Shaffner To: Nicole cc: freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG, brian@FreeBSD.ORG, Sasha Egan , Brian Somers Subject: Re: Remote exploit in qpopper. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Heh..the bastards...They changed it to oldeudora. They could have done that before mailing me with the URL I gave you. On Tue, 30 Jun 1998, Nicole wrote: > > On 30-Jun-98 Jeremy Shaffner wrote: > > > > There is also a new version released today from Qualcomm. 2.5 is > > patched against all known problems. > > ftp://ftp.qualcomm.com/eudora/servers/popper/. > > > > > I just tried to go there and the eudora directory doesn't exist. i also tried > their other reccoemnded site. Anyone know of alternate sites? > > > Nicole > > > > > > FWIW, I compiled the exploit (known as qpush or qpop) and tried it on an > > unpatched 2.41beta1. Although it did cause a overflow and popper exited > > with a signal 11, it did not provide a root shell. The author of this > > particular exploit (It's available on the bugtraq list or from rootshell) > > says that it only works on 2.2 or 2.41b1 and only on Linux systems. (The > > exploit itself can be run from any platform.) > > > > The patches that Jordan has made do work. You can get the new -current > > port and build that, or get 2.5 from qualcomm and build it yourself. > > > > On Tue, 30 Jun 1998, Brian Somers wrote: > > > >> > > >> > Hey Brian, > >> > I dunno if you have been watching some of the lists but there is some > >> > definate problems in Qualcom's popper... > >> [.....] > >> > >> Looks like I spoke too soon. A pile of patches have now been made to > >> popper :-) > >> > >> > Sasha Egan > >> > Belen Consolidated Schools > >> > Belen, NM > >> > (505) 861-4981 > >> > pager: (505) 875-8866 > >> > >> -- > >> Brian , , > >> > >> Don't _EVER_ lose your sense of humour.... > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-questions" in the body of the message > >> > > > > > > -===================================================================- > > Jeremy Shaffner JORSM Internet > > Senior Technical Support Northwest Indiana's Premium > > jer@jorsm.com Internet Service Provider > > support@jorsm.com http://www.jorsm.com > > -===================================================================- > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe security" in the body of the message > > |\ __ /| (`\ > | o_o |__ ) ) > // \\ > Nicole Harrington | SR Systems Administrator > -------------------(((---(((----------------------- > > nicole@mediacity.com - nicole@ispchannel.com > www.mediacity.com - www.ispchannel.com > Phone: 650-237-1464 - Pager: 415-301-2482 > > Powered By Coca-Cola and FreeBSD > > Why do doctors call what they do practice? > Microsoft: What bug would you like today? > ---------------------------------------------------- > > -===================================================================- Jeremy Shaffner JORSM Internet Senior Technical Support Northwest Indiana's Premium jer@jorsm.com Internet Service Provider support@jorsm.com http://www.jorsm.com -===================================================================- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message