Bugtraq mailing list archives

Re: Attacks using pop

From: alan () manawatu planet org nz (Alan Brown)
Date: Wed, 5 Jun 1996 12:27:40 +1200


On Tue, 4 Jun 1996 simes () tcp co uk wrote:

Thist really depends on the POP3 server you are using. It should really
just read directly from the .pop file and ignore the actual mailbox.
Certainly, this is how the POP3 server we have works. I would say that
any POP3 server that appends the .pop file back onto the mail box itself
when it loses the connection to the POP3 client is broken.


The pop server in question was Qualcomm's 2.1.4 qpopper as well as
an older pop server.

Qualcomm's 2.2 server has a server mode compilation switch which inhibits
this bbehaviour. I installed it overnight and there seem to be no
problems so far. As well as curing the server problem it disconnects
after 1 failed login attempt.

AB

Current thread:

Not so much a bug as a warning of new brute force attack Brett L. Hawn (Jun 01)
- Re: Not so much a bug as a warning of new brute force attack Paul C Leyland (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Christopher X. Candreva (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Richard Ashton (Jun 03)
  - Re: Not so much a bug as a warning of new brute force attack Jeremy D. Zawodny (Jun 03)
  - Reply from the author of popper at Qualcomm Pete Ashdown (Jun 03)
    - Attacks using pop Alan Brown (Jun 03)
    - Re: Attacks using pop simes () tcp co uk (Jun 04)
    - Re: Attacks using pop Alan Brown (Jun 04)
- [linux-alert] Serious Security hole in getpwnam () [Forwarded Jeff Uphoff (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Aaron Merifield (Jun 03)
  - Re: Not so much a bug as a warning of new brute force attack Brett L. Hawn (Jun 03)
    - pop3 daemon with syslog logging Gunnar Ingvi Thorisson (Jun 03)
    - Re: Not so much a bug as a warning of new brute force attack Alan Brown (Jun 03)
    - Re: Not so much a bug as a warning of new brute force attack Brian Davidson (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Russell Street (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Joe Block (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Thayne Forbes (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Steve Chew (Jun 04)

(Thread continues...)