From owner-freebsd-questions  Mon Jun 29 12:41:18 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA23128
          for freebsd-questions-outgoing; Mon, 29 Jun 1998 12:41:18 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from dax.belen.k12.nm.us (stargate.belen.k12.nm.us [206.206.121.42])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA23067;
          Mon, 29 Jun 1998 12:40:47 -0700 (PDT)
          (envelope-from wildcard@dax.belen.k12.nm.us)
Received: from localhost (wildcard@localhost)
	by dax.belen.k12.nm.us (8.8.7/8.8.7) with SMTP id NAA01677;
	Mon, 29 Jun 1998 13:42:47 -0600 (MDT)
	(envelope-from wildcard@dax.belen.k12.nm.us)
Date: Mon, 29 Jun 1998 13:42:47 -0600 (MDT)
From: Sasha Egan <wildcard@dax.belen.k12.nm.us>
To: brian@FreeBSD.ORG
cc: freebsd-questions@FreeBSD.ORG
Subject: Remote exploit in qpopper.
Message-ID: <Pine.BSF.3.96.980629133325.28479A-100000@dax.belen.k12.nm.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Hey Brian, 
I dunno if you have been watching some of the lists but there is some
definate problems in Qualcom's popper...
There have been so many diffrent exploits found in such a short period of
time that even if I had installed a patch I would still be vulnerable.  I
would very much like your advice as well as any advice from people who are
addressing the issue as to what to do to cover ALL the holes that are
known in the popper program.  Is FreeBSD going to make a patch available
that will patch all the holes it they exists or am I going to have to do
this penny-anny, one patch at a time.

Just a suggestion to all that have not heard about this problem...I would
disable the popper program until all problems have been addressed...I have
been compromised ( my system) once already and I hope to God that the
script kiddie didn't know how to edit kernel code or I am toast.

Thanks Brian.

Sasha Egan
Belen Consolidated Schools
Belen, NM 
(505) 861-4981
pager: (505) 875-8866




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message