Date: Sun, 19 Jul 1998 14:36:43 -0400 (EDT) From: Alfred <perlsta@fs3.ny.genx.net> To: Brett Glass <brett@lariat.org> Cc: security@FreeBSD.ORG Subject: Re: Why is there no info on the QPOPPER hack? Message-ID: <Pine.SOL.4.00.9807191434410.28070-100000@fs3.ny.genx.net> In-Reply-To: <199807191709.LAA28734@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
y'know not to flame, but the popper sploit was the topic of 1/3 of the e-mails on all the lists i'm on freebsd as well as others. if you keep your head in a hole you're not going to get any help or warning. you didn't expect chuck to knock on your door and tell you, did you? :) i suggest you subscribe to some of the lists, at LEAST security. -Alfred On Sun, 19 Jul 1998, Brett Glass wrote: > Our system has been penetrated via a buffer overflow exploit in Qualcomm's > QPOPPER, as obtained from the FreeBSD ports library. But there's no > advisory about this on FreeBSD's site.... In fact, we learned of the > exploit only because the cracker was sloppy. > > We need advice on resecuring the system and preventing future incidents of > this kind. CERT has been utterly unresponsive; they seem to have ignored > our two e-mails asking for help. Any help we can get from members of the > FreeBSD community would be MUCH appreciated. > > --Brett Glass > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.00.9807191434410.28070-100000>