[1997] in linux-security and linux-alert archive
[linux-security] Re: Qpop CERT advisory?
daemon@ATHENA.MIT.EDU (Christopher Hicks)
Sat Jul 18 06:33:28 1998
Date: Fri, 17 Jul 1998 11:49:25 -0400 (EDT)
From: Christopher Hicks <chicks@chicks.net>
To: "B. James Phillippe" <bryan@terran.org>
cc: "Levy Carneiro Jr." <levy@fractal.com.br>,
Linux Security <linux-security@tarsier.cv.nrao.edu>,
linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.96.980716111650.1927B-100000@earth.terran.org>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
On Thu, 16 Jul 1998, B. James Phillippe wrote:
> The question was meant to be interpreted: is the POP daemon distributed
> with RedHat affected by the same exploits? Many people have responded
> with information that doesn't answer the question. I have also received
> responses from people stating that the POP with RedHat (imap-4.1) is not
> affected, and others who say it is. I've tried running two of the
> exploits I could find on the Bugtraq archive against a RedHat-4.2 system
> with no success. So the question still stands: is the imap package
> distributed with RedHat also vulnerable to the qpopper exploit, or any
> other POP exploit? It doesn't appear to be, but...
The simplest thing to do is to check the errata on RedHat's web site.
They provide updates and they're usually timely. They've been doing a
security audit and a number of updates should be installed.
</chris>
--
load average: 1.00, 1.00, 1.00
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null