[1469] in linux-security and linux-alert archive
[linux-alert] Re: imapd and ipop3d hole
daemon@ATHENA.MIT.EDU (Rod Payne)
Tue Mar 4 05:33:10 1997
In-Reply-To: <Pine.BSI.3.95.970302214229.341A-100000@silence.secnet.com>
To: linux-alert@redhat.com
From: "Rod Payne" <rhp7912@chob.edu>
Date: Mon, 03 Mar 97 17:04:17 PST
Resent-From: linux-alert@redhat.com
Reply-To: linux-alert@redhat.com
> Buffer Overflow in imapd and ipop3d
>
> Vulnerable Systems
> ~~~~~~~~~~~~~~~~~~
>
> Any system running Mark Crispin's POP or IMAP server, of a release
> earlier than 4.1beta is vulnerable. To determine whether your system
Previously available 4.1 BETA's appear to also be vulnerable. See below.
> is vulnerable, telnet to ports 109, 110, 143 and 220. If you see a banner
> looking like:
>
> +OK example.com POP3 3.0(10) w/IMAP client (Report problems in this server
> to MRC@CAC.Washington.edu) at Mon, 3 Mar 1998 12:00:00 -0500 (EST)
>
> Then your system is vulnerable. If you see "POP3 3.3" or "IMAP4rev1"
> or later, your POP or IMAP server is not vulnerable.
>
Note that imap-4.1.BETA has had several revisions. The CURRENT 4.1
BETA has been fixed, but some previous ones were not. I had one that
returned "POP3 3.3(36)" that did not have the fixes that are contained
in the one that I downloaded today that returns "POP3 3.3(37)".
[mod: reformatted for easier reading -- REW]
=========================================================
Roderick H. Payne mailto:rhp7912@chob.edu
Information Services Director phone: 716-878-7490
Children's Hospital of Buffalo http://www.chob.edu/
=========================================================