Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Qpopper v4.0.x poppassd local root exploit
From: Randall Gellens <rg_public.1 () flagg qualcomm com>
Date: Wed, 30 Apr 2003 13:35:20 +0200
I'm working on a fix, but would like to point out that poppassd is not built nor installed by default. Also, poppassd is an inherently insecure protocol that sends both the current and new passwords in the clear, and in general should only be used with full understanding of the situation. 
--
Randall Gellens
rg_public.1 () flagg qualcomm com
Opinions are personal;     facts are suspect;     I speak for myself only

  By Date           By Thread  

Current thread:
  • Re: Qpopper v4.0.x poppassd local root exploit Randall Gellens (May 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]