Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Linux imapd remote vunerability.
From: felicity () KLUGE NET (Theo Van Dinter)
Date: Wed, 25 Jun 1997 12:16:20 -0400

On Wed, 25 Jun 1997, inter wrote:

sure however if it exists in slackware, (most slackware boxes I have seen
dont even have imapd running default). Anyhow, RedHat 4.1 and under are

Slackware installs imap if you choose to install the pine/pico package.
However, I'm fairly certain that the daemon isn't run at bootup or from
inetd by default.

On an aside, during the last group of IMAP/POP exploits, I installed IMAP
4.1-BETA (snapshot in 2/97, available from
ftp://ftp.cac.washington.edu/mail/). It fixed the last set of buffer
overrun problems, and the latest exploit doesn't work either.

exploitable. Just kill imapd no real point in running
it anyhow.

Obviously if you don't need a daemon, shut it off.

Theo Van Dinter                                         felicity () kluge net
Systems Administrator - {kluge.net,chrysalis.com}   felicity () chrysalis com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]