[15057] in bugtraq
Re: Qpopper 2.53 remote problem, user can gain gid=mail
daemon@ATHENA.MIT.EDU (Sebastian)
Thu May 25 23:01:01 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000525160647.A2830@nb.in-berlin.de>
Date: Thu, 25 May 2000 16:06:47 +0200
Reply-To: Sebastian <scut@NB.IN-BERLIN.DE>
From: Sebastian <scut@NB.IN-BERLIN.DE>
X-To: Prizm <prizm@RESENTMENT.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200005231643.JAA16829@Rage.Resentment.org>; from
prizm@RESENTMENT.ORG on Tue, May 23, 2000 at 09:43:33AM +0000
Hi.
On Tue, May 23, 2000 at 09:43:33AM +0000, Prizm wrote:
> I have attached to this message the advisory with full details +
> exploit on this problem.
Known problem since January 2000, first discovered by portal. See
http://www.security.is/ for a working remote exploit.
Nice anyway :-)
> Prizm/b0f,
ciao
scut / teso
--
- scut@nb.in-berlin.de - http://nb.in-berlin.de/scut/ --- you don't need a --
-- lot of people to be great, you need a few great to be the best ------------
http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
-- data in VK/USA Mayfly experienced, awaiting transfer location, hi echelon -
