Date: Mon, 17 Apr 2000 18:18:43 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: "Michael S. Fischer" <michael@dynamine.net> Cc: security@freebsd.org Subject: Re: Fw: Re: imapd4r1 v12.264 Message-ID: <Pine.BSF.4.21.0004171807100.92968-100000@freefall.freebsd.org> In-Reply-To: <005601bfa8ae$0ad3ece0$7f00800a@corp.auctionwatch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Apr 2000, Michael S. Fischer wrote:
> This is the current version in the ports collection. Help!
Briefly, the vulnerability seems to be that someone who has a mail account
on the server can get access to the user account which runs imapd. I don't
think it's something that can be exploited by an outsider, so it might be
that in your environment the threat is not significant.
As for workarounds, stay tuned..I havent seen a patch yet.
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0004171807100.92968-100000>