ConnecTalk Security Advisory: Qpopper leaks information during authentication

============================================================================= ConnecTalk Inc. Security Advisory Topic: Qpopper leaks information during authentication Vendor: Eudora Product: qpopper 4.0.4 and qpopper 4.0.5 Note: other versions have not been tested. Problem found: May 14, 2003...

Qpopper v4.0.x poppassd local root exploit

======================================== INetCop Security Advisory 2003-0x82-016 ======================================== Title: Qpopper v4.0.x poppassd local root exploit 0x01. Description Qpopper poppassd is a program that changes system passwords thus allowing users to change their mail...

CVE-2000-1198

qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users lack of mail access by creating lock files for other mail boxes...

Проблемы с PAM в Qpopper (information leakage)

При использовании pam выдаются разные сообщения об ошибке при неверном пароле и несуществующем пользователе...

unsafe fgets() in qpopper

Topic: unix mailbox parsing trouble in qpopper Software affected: qpopper 3.0 fc2 and probably others Description: malicious user can remotely post message with spoofed or incorrect headers including "Received:" one and in some cases bypass virus checking. This can be used for sending trojans or ...

Очередная дырка в qpopper 2.53

Ввод пользователя используется в качестве форматной строки, что позволяет переполнить буфер и получить привилегии группы mail...