From owner-freebsd-security  Sun Jul 19 12:05:07 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA09241
          for freebsd-security-outgoing; Sun, 19 Jul 1998 12:05:07 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from lariat.lariat.org (ppp1000.lariat.org@[206.100.185.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA09232
          for <security@freebsd.org>; Sun, 19 Jul 1998 12:05:01 -0700 (PDT)
          (envelope-from brett@lariat.org)
Received: (from brett@localhost)
	by lariat.lariat.org (8.8.8/8.8.8) id NAA00633;
	Sun, 19 Jul 1998 13:04:39 -0600 (MDT)
Message-Id: <199807191904.NAA00633@lariat.lariat.org>
X-Sender: brett@mail.lariat.org
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 
Date: Sun, 19 Jul 1998 13:04:32 -0600
To: Alfred <perlsta@fs3.ny.genx.net>
From: Brett Glass <brett@lariat.org>
Subject: Re: Why is there no info on the QPOPPER hack?
Cc: security@FreeBSD.ORG
In-Reply-To: <Pine.SOL.4.00.9807191434410.28070-100000@fs3.ny.genx.net>
References: <199807191709.LAA28734@lariat.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I'm on "announce;" didn't get it. (In fact, I haven't gotten ANYTHING from
that
list for a long time. Is it dead?) I check the Web site regularly; no
mention of it there. I'm on "chat;" no mention there.

--Brett

At 02:36 PM 7/19/98 -0400, you wrote:
 
>y'know not to flame, but the popper sploit was the topic of 1/3 of the
>e-mails on all the lists i'm on freebsd as well as others.
>
>if you keep your head in a hole you're not going to get any help or
>warning.  you didn't expect chuck to knock  on your door and tell you, did
>you? :)
>
>i suggest you subscribe to some of the lists, at LEAST security.
>
>-Alfred
>
>On Sun, 19 Jul 1998, Brett Glass wrote:
>
>> Our system has been penetrated via a buffer overflow exploit in Qualcomm's
>> QPOPPER, as obtained from the FreeBSD ports library. But there's no
>> advisory about this on FreeBSD's site.... In fact, we learned of the
>> exploit only because the cracker was sloppy.
>> 
>> We need advice on resecuring the system and preventing future incidents of
>> this kind. CERT has been utterly unresponsive; they seem to have ignored
>> our two e-mails asking for help. Any help we can get from members of the
>> FreeBSD community would be MUCH appreciated.
>> 
>> --Brett Glass
>> 
>> 
>> To Unsubscribe: send mail to majordomo@FreeBSD.org
>> with "unsubscribe security" in the body of the message
>> 
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message