Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA728] DSA-728-2 qpopper Vulnerability Scan

Vulnerability Scan Summary
DSA-728-2 qpopper

Detailed Explanation for this Vulnerability Test

This advisory does only cover updated packages for Debian 3.0
alias woody. For reference below is the original advisory text:
Two bugs have been discovered in qpopper, an enhanced Post Office
Protocol (POP3) server. The Common Vulnerabilities and Exposures
project identifies the following problems:
Jens Steube discovered that while processing local files owned or
provided by a normal user rights weren't dropped, which could
lead to the overwriting or creation of arbitrary files as root.
The upstream developers noticed that qpopper could be tricked to
creating group- or world-writable files.
For the stable distribution (woody) these problems have been fixed in
version 4.0.4-2.woody.5.
For the testing distribution (sarge) these problems have been fixed in
version 4.0.5-4sarge1.
For the unstable distribution (sid) these problems will be fixed in
version 4.0.5-4sarge1.
We recommend that you upgrade your qpopper package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.