|
Family: Gain a shell remotely --> Category: infos
qpopper euidl problem Vulnerability Scan
Vulnerability Scan Summary checks for the version of qpopper
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to execute arbitrary code on the remote host
through the remote POP server
Description :
The remote version of the qpopper POP server contains a bug
which may allow authenticated users who have a pop account
to gain a shell with the gid 'mail' by sending to themselves a
specially crafted mail.
Solution :
Upgrade to the latest qpopper software
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|