Bugtraq mailing list archives
Re: Qpopper 2.53 remote problem, user can gain gid=mail
From: jose () BIOCSERVER BIOC CWRU EDU (Jose Nazario)
Date: Wed, 24 May 2000 13:02:52 -0400
while investigating the qpopper 2.53 source lying around to see about this fix, i noticed they note the source patches mentioned are incorrect. they note: [quote] At lines 150 and 62 from pop_msg.c, replace: - return (pop_msg (p,POP_SUCCESS, buffer)); to: + return (pop_msg (p,POP_SUCCESS, "%s", buffer)); [end quote] when infact it's lines 62 and 152 in the source file pop_uidl.c that contain these lines (god bless grep). just a minor correction... damn, i gotta start looking for a better pop3d! jose nazario jose () biochemistry cwru edu PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Current thread:
- Re: Another hole in Cart32 sert sert (May 22)
- Qpopper 2.53 remote problem, user can gain gid=mail Prizm (May 23)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Jose Nazario (May 24)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Qpopper Support (May 24)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Sebastian (May 25)
- RFP2K05 - NetProwler "Fragmentation" Issue AXENT Security Team (May 23)
- Re: Another hole in Cart32 CDI (May 23)
- <Possible follow-ups>
- Re: Another hole in Cart32 Clover Andrew (May 23)
- Re: Another hole in Cart32 Justin King (May 24)
- Qpopper 2.53 remote problem, user can gain gid=mail Prizm (May 23)