The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


imapd/ipop3d coredump in slackware 3.4


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
X-RDate: Tue, 03 Feb 1998 10:17:13 +0500 (ESK)
Date: Sun, 1 Feb 1998 23:33:47 -0800
From: Dave <dgriffi@ULTRIX6.CS.CSUBAK.EDU>
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: imapd/ipop3d coredump in slackware 3.4

On Mon, 2 Feb 1998, Peter van Dijk wrote:

> [attic bug report nr. 1]
>
> While fooling around a little with NIS/YP (didn't get it completely
> working...) I ran into a bug in the imapd and ipop3d that come with
> slackware 3.4 (if you install the pine package).
> Earlier slackware versions will problably NOT suffer from this bug,
> because they did not include shadowing.
>
> When fed an unknown username, imapd and ipop3d will dump core:

[exploit snipped]

Slackware 3.3 includes does include shadowing.  Apparently, the stock
ipop3d is not vunerable, but imapd is.

thumper:/$ telnet thumper 110
Trying 127.0.0.1...
Connected to thumper.woods.com.
Escape character is '^]'.
+OK thumper POP3 Server (Version 1.005h) ready at <Sun Feb 01 23:09:25 1998>
user root
+OK please send PASS command
pass linux
-ERR invalid usercode or password, please try again
user john
+OK please send PASS command
pass doe
-ERR invalid usercode or password, please try again
quit
+OK arthur POP3 Server (Version 1.005h) shutdown.
Connection closed by foreign host.
thumper:/$ ls -l core
/bin/ls: core: No such file or directory
thumper:/$

thumper:/$ telnet thumper imap2
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK thumper.woods.com IMAP2bis Service 7.8(100) at Sun, 1 Feb 1998
23:15:45 -0800 (PST)
A001 LOGIN root linux
A001 NO Bad LOGIN user name and/or password
A002 LOGIN john doe
Connection closed by foreign host.
thumper:/$ ls -l core
-rw-------   1 root     root       282624 Feb  1 23:16 core
thumper:/$


--
David Griffith
dgriffi@ultrix6.cs.csubak.edu

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

ПОДПИШИСЬ НА ЖУРНАЛ Linux Format 2012!

Журнал "Linux Format" (Линукс Формат)- Единственный в России и странах СНГ журнал на русском языке, посвящённый Linux и свободному ПО. Журнал для IT-директоров, IT-менеджеров, программистов, системных администраторов, учителей школ и преподавателей ВУЗов и всех пользователей ПК. В каждом выпуске: Новости индустрии OpenSource, обзоры новинок свободного ПО, обучающие и методические статьи.

Каждый, кто оформит подписку, получает бонусы и подарки- объёмные наклейки на системный блок, диск с архивом номеров за 2005-2011 г.г. и ежемесячно электронную версию журнала в pdf-формате.

Оформить подписку на год


  Закладки на сайте
  Проследить за страницей 		Created 1996-2012 by Maxim Chirkov  
ДобавитьРекламаВебмастеруГИД  
RUNNet TopList