[7154] in bugtraq
Qpopper
daemon@ATHENA.MIT.EDU (digi)
Thu Jul 2 13:22:51 1998
Date: Wed, 1 Jul 1998 19:11:42 -0700
Reply-To: digi <digi@INREACH.NET>
From: digi <digi@INREACH.NET>
To: BUGTRAQ@NETSPACE.ORG
Today, qpopper 2.52 was installed on saturn. (our primary server). Later
today, it was compromised, the intruders claimed to of used that to gain
root access. Neither of the intruders had access to the system before they
attempted to compromise it, I didnt see any message saying that only one
specific version was patched, so a coworker assumed that it was patched
and installed it. Either 2.52 is insecure, or the intruders are lying.
-- Brian Hourigan
