<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: Attacks using pop

Re: Attacks using pop

From: Alan Brown <alan_at_manawatu.planet.org.nz>
Date: Wed, 5 Jun 1996 12:27:40 +1200

On Tue, 4 Jun 1996 simes_at_tcp.co.uk wrote:

> Thist really depends on the POP3 server you are using. It should really
> just read directly from the .pop file and ignore the actual mailbox.
> Certainly, this is how the POP3 server we have works. I would say that
> any POP3 server that appends the .pop file back onto the mail box itself
> when it loses the connection to the POP3 client is broken.

The pop server in question was Qualcomm's 2.1.4 qpopper as well as
an older pop server.

Qualcomm's 2.2 server has a server mode compilation switch which inhibits
this bbehaviour. I installed it overnight and there seem to be no
problems so far. As well as curing the server problem it disconnects
after 1 failed login attempt.

AB
Received on Jun 04 1996

This message: [ Message body ]
Next message: Albert Lunde: "Re: Not so much a bug as a warning of new brute force attack"
Previous message: Jeff Uphoff: "Re: syslogd"
In reply to: simes_at_tcp.co.uk: "Re: Attacks using pop"
Next in thread: Jeff Uphoff: "[linux-alert] Serious Security hole in getpwnam () [Forwarded"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos