Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: lots of interest in port 109 (POP2)

From: courcoul () CAMPUS QRO ITESM MX (Juan M. Courcoul)
Date: Wed, 8 Mar 2000 14:11:18 -0600

On Wed, 8 Mar 2000, Pavel Kankovsky wrote:

On Mon, 6 Mar 2000, Russell Fulton wrote:

Does anyone know why port 109 is suddenly so popular?


<speculation>
I doubt anyone is using pop2 nowadays but there are many machines where
pop2 daemon was installed by default (damn you, vendors!). I suspect many
of these daemons have more holes than emental cheese because no one uses
them, ergo no one bothers to maintain them.
</speculation>


FWIW, I recall a CERT advisory a few months back, warning about POP2/POP3
vulnerabilities. The recommended fix (beside vendor-supplied patches in
the pertinent cases) was to use the latest popd/imapd code from Washington
University. Beware that this meant the LATEST, which isn't the one that
comes prepackaged with the Unix Pine distribution from them. Check:

        ftp://ftp.cac.washington.edu/mail/

J. Courcoul                               courcoul () campus qro itesm mx
Telecomunicaciones y Redes                Directo    (4) 238-3181
ITESM Campus Queretaro                    Secretaria (4) 238-3175
Queretaro, Qro. Mexico                    Sky (800) 723-4500 PIN 5597110
Previous By Date Next
Previous By Thread Next

Current thread: