UoW Pop2d Remote File Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UoW pop2d Remote File Retrieval Vulnerability', 'Description' = %q This module exploits a vulnerability in the FOLD command of the University of...

UoW pop2d Remote File Retrieval Vulnerability

This module exploits a vulnerability in the FOLD command of the University of Washington ipop2d service. By specifying an arbitrary folder name it is possible to retrieve any file which is world or group readable by the user ID of the POP account. This vulnerability can only be exploited with a...

ipop2d fold Command Arbitrary File Access

Binary data 1783.prm...

CVE-1999-0920

CVE-1999-0920 affects the pop-2d POP daemon in the IMAP package. The root cause is a buffer overflow triggered by the FOLD command, enabling remote attackers to gain privileges. Public references describe the issue as high-severity with a network‑vectored, low‑complexity exploit and a CVSS v2 bas...

CVE-1999-0920

Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command...