Bugtraq mailing list archives

Re: Solaris 2.4 pop buffer overrun

From: julio.casal () SERVICOM ES (Julio Casal)
Date: Mon, 10 Aug 1998 10:25:46 +0200

uhhh...  since when does sun have its own pop3 daemon??


It may not be shipped with Solaris 2.4, sorry about that, but SUNWpop exists,
I think it came as an extra with first Netra servers. I've seen it in some
installations by Sun.

Julio.

On 05-Aug-98 Julio Casal wrote:

An old one I guess known but I never saw it in the list:

Solaris 2.4 popper has an overflow in the username explotaible obviously
as root.
It's also easy to get root's shadow entry in the core dumped just

failing to

log as root before overruning the username.

Cheers,
Julio.




-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Daniel Leeds                          Systems Administrator
dleeds () dfacades com                          DigitalFacades
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Current thread:

Re: Solaris 2.4 pop buffer overrun Julio Casal (Aug 10)
- Re: Solaris 2.4 pop buffer overrun Alan Thew (Aug 10)
- <Possible follow-ups>
- Re: Solaris 2.4 pop buffer overrun Julio Casal (Aug 10)