[7587] in bugtraq
Re: Solaris 2.4 pop buffer overrun
daemon@ATHENA.MIT.EDU (Julio Casal)
Mon Aug 10 11:13:52 1998
Date: Mon, 10 Aug 1998 10:25:46 +0200
Reply-To: Julio Casal <julio.casal@SERVICOM.ES>
From: Julio Casal <julio.casal@SERVICOM.ES>
X-To: dleeds@dfacades.com
To: BUGTRAQ@NETSPACE.ORG
>uhhh... since when does sun have its own pop3 daemon??
>
It may not be shipped with Solaris 2.4, sorry about that, but SUNWpop exists,
I think it came as an extra with first Netra servers. I've seen it in some
installations by Sun.
Julio.
>On 05-Aug-98 Julio Casal wrote:
>> An old one I guess known but I never saw it in the list:
>>
>> Solaris 2.4 popper has an overflow in the username explotaible obviously
>> as root.
>> It's also easy to get root's shadow entry in the core dumped just
failing to
>> log as root before overruning the username.
>>
>> Cheers,
>> Julio.
>
>
>
>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>Daniel Leeds Systems Administrator
>dleeds@dfacades.com DigitalFacades
>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
