Date: Sun, 19 Jul 1998 13:04:32 -0600 From: Brett Glass <brett@lariat.org> To: Alfred <perlsta@fs3.ny.genx.net> Cc: security@FreeBSD.ORG Subject: Re: Why is there no info on the QPOPPER hack? Message-ID: <199807191904.NAA00633@lariat.lariat.org> In-Reply-To: <Pine.SOL.4.00.9807191434410.28070-100000@fs3.ny.genx.net> References: <199807191709.LAA28734@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm on "announce;" didn't get it. (In fact, I haven't gotten ANYTHING from that list for a long time. Is it dead?) I check the Web site regularly; no mention of it there. I'm on "chat;" no mention there. --Brett At 02:36 PM 7/19/98 -0400, you wrote: >y'know not to flame, but the popper sploit was the topic of 1/3 of the >e-mails on all the lists i'm on freebsd as well as others. > >if you keep your head in a hole you're not going to get any help or >warning. you didn't expect chuck to knock on your door and tell you, did >you? :) > >i suggest you subscribe to some of the lists, at LEAST security. > >-Alfred > >On Sun, 19 Jul 1998, Brett Glass wrote: > >> Our system has been penetrated via a buffer overflow exploit in Qualcomm's >> QPOPPER, as obtained from the FreeBSD ports library. But there's no >> advisory about this on FreeBSD's site.... In fact, we learned of the >> exploit only because the cracker was sloppy. >> >> We need advice on resecuring the system and preventing future incidents of >> this kind. CERT has been utterly unresponsive; they seem to have ignored >> our two e-mails asking for help. Any help we can get from members of the >> FreeBSD community would be MUCH appreciated. >> >> --Brett Glass >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe security" in the body of the message >> > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807191904.NAA00633>