http://freshmeat.net/projects/cucipop/?topic_id=34
Good luck!
JR
At 04:49 PM 3/11/2003, Alan W. Rateliff, II wrote:
----- Original Message ----- From: "Brad Stockdale" <[EMAIL PROTECTED]> To: "Subscribers of Qpopper" <[EMAIL PROTECTED]> Sent: Tuesday, March 11, 2003 4:45 PM Subject: Re: The Qpopper 4.0.x exploit
> Hello all, > > I'm sure by now you all have heard that there is a Qpopper 4.0.x > exploit going around... (If not, it was posted to bugtraq sometime this > morning I believe -- Should be findable on the bugtraq archives)
> I was just wondering if anyone had a temporary or permanent fix for the > problem?
What really irks me is that we shouldn't have to ask this question. I don't know what the order of events are, but it seems to me that this vulnerability was made public with a POC exploit before Qualcomm was given time to inform us and supply a patch.
As someone admining a great number of servers running QPopper, I'm more than a little pissed about this. I guess having more information would be helpful, but my immediate complaint is founded.
>From what I understand, it's mitigated some by requiring a valid username and password. That eases my worries somewhat.
Anyone else?
-- Alan W. Rateliff, II : RATELIFF.NET Independent Technology Consultant : [EMAIL PROTECTED] (Office) 850/350-0260 : (Mobile) 850/559-0100 ------------------------------------------------------------- [System Administration][IT Consulting][Computer Sales/Repair]
