[20212] in bugtraq
QPC POPd Buffer Overflow Vulnerability
daemon@ATHENA.MIT.EDU (SNS Research)
Mon Apr 16 02:55:08 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <467208585.20010413211223@greyhack.com>
Date: Fri, 13 Apr 2001 21:12:23 +0200
Reply-To: SNS Research <vuln-dev@greyhack.com>
From: SNS Research <vuln-dev@greyhack.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Strumpf Noir Society Advisories
! Public release !
<--#
-= QPC POPd Buffer Overflow Vulnerability =-
Release date: Saturday, April 14, 2001
Introduction:
QPC's popd is the pop3 mailserver component of the company's
QVT/NET product line for MS Windows.
The popd and the rest of the QVT/Net product line is available
from vendor QPC's website: http://www.qpc.com
Problem(s):
The pop daemon that ships with the QVT/NET software suite contains
an unchecked buffer in the logon function. When a username or
password of 584 bytes or more gets fed to the server the buffer
will overflow and will trigger an access violation, after which
the server dies.
(..)
Solution:
Vendor QPC was notified but has yet to respond.
This was tested against QVT/Net Popd 4.20 coming with the QVT/Net
5.0 suite, running on MS Win2k.
yadayadayada
Free sk8! (http://www.freesk8.org)
SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.
EOF, but Strumpf Noir Society will return!
