Bugtraq mailing list archives
Re: Linux imapd remote vunerability.
From: felicity () KLUGE NET (Theo Van Dinter)
Date: Wed, 25 Jun 1997 12:16:20 -0400
On Wed, 25 Jun 1997, inter wrote:
sure however if it exists in slackware, (most slackware boxes I have seen dont even have imapd running default). Anyhow, RedHat 4.1 and under are
Slackware installs imap if you choose to install the pine/pico package. However, I'm fairly certain that the daemon isn't run at bootup or from inetd by default. On an aside, during the last group of IMAP/POP exploits, I installed IMAP 4.1-BETA (snapshot in 2/97, available from ftp://ftp.cac.washington.edu/mail/). It fixed the last set of buffer overrun problems, and the latest exploit doesn't work either.
exploitable. Just kill imapd no real point in running it anyhow.
Obviously if you don't need a daemon, shut it off.
--
Theo Van Dinter felicity () kluge net
Systems Administrator - {kluge.net,chrysalis.com} felicity () chrysalis com
Current thread:
- Linux imapd remote vunerability. so1o () INSECURITY ORG (Jun 24)
- Re: Linux imapd remote vunerability. inter (Jun 24)
- Re: Linux imapd remote vunerability. Theo Van Dinter (Jun 25)
- Re: Linux imapd remote vunerability. Alan Brown (Jun 26)
- Re: Linux imapd remote vunerability. Alex Nobert (Jun 25)
- CERT Advisory CA-97.19 - lpr Buffer Overrun Vulnerability Aleph One (Jun 25)
- Sun Security Bulletin #00145 Aleph One (Jun 25)
- Re: Linux imapd remote vunerability. Theo Van Dinter (Jun 25)
- Re: Linux imapd remote vunerability. inter (Jun 24)