Bugtraq mailing list archives
Re: Solaris 2.4 pop buffer overrun
From: julio.casal () SERVICOM ES (Julio Casal)
Date: Mon, 10 Aug 1998 10:25:46 +0200
uhhh... since when does sun have its own pop3 daemon??
It may not be shipped with Solaris 2.4, sorry about that, but SUNWpop exists, I think it came as an extra with first Netra servers. I've seen it in some installations by Sun. Julio.
On 05-Aug-98 Julio Casal wrote:An old one I guess known but I never saw it in the list: Solaris 2.4 popper has an overflow in the username explotaible obviously as root. It's also easy to get root's shadow entry in the core dumped just
failing to
log as root before overruning the username. Cheers, Julio.-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Daniel Leeds Systems Administrator dleeds () dfacades com DigitalFacades -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Current thread:
- Re: Solaris 2.4 pop buffer overrun Julio Casal (Aug 10)
- Re: Solaris 2.4 pop buffer overrun Alan Thew (Aug 10)
- <Possible follow-ups>
- Re: Solaris 2.4 pop buffer overrun Julio Casal (Aug 10)