Family: Misc. --> Category: infos
qpopper options buffer overflow Vulnerability Scan
Vulnerability Scan Summary
qpopper options buffer overflow
Detailed Explanation for this Vulnerability Test
The remote qpopper server, according to its banner, is
running version 4.0.3 or version 4.0.4. These versions
are vulnerable to a buffer overflow if they are configured
to allow the processing of a user's ~/.qpopper-options file.
A local user can cause a buffer overflow by setting the
bulldir variable to something longer than 256 characters.
*** This test could not confirm the existence of the
*** problem - it relied on the banner being returned.
Solution : Upgrade to the latest version, or disable
processing of user option files.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.