[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
[linux-security] Re: Qpop CERT advisory?
- From: bryan redhat com (Bryan C. Andregg)
- To: linux-security redhat com
- Subject: [linux-security] Re: Qpop CERT advisory?
- Date: 17 Jul 1998 15:22:08 GMT
On Thu, 16 Jul 1998 11:27:41 -0700 (PDT), <bryan terran org> wrote:
> The question was meant to be interpreted: is the POP daemon distributed
> with RedHat affected by the same exploits? Many people have responded with
> information that doesn't answer the question. I have also received
> responses from people stating that the POP with RedHat (imap-4.1) is not
> affected, and others who say it is. I've tried running two of the exploits
> I could find on the Bugtraq archive against a RedHat-4.2 system with no
> success. So the question still stands: is the imap package distributed
> with RedHat also vulnerable to the qpopper exploit, or any other POP
> exploit? It doesn't appear to be, but...
Red Hat does not ship qpopper.
Red Hat ships ipop3d from the WU pine package.
ipop3d is not affected by this attack.
Red Hat ships imap from the WU pine package.
imap has recently had exploits posted for it.
Please download and install updates from ftp://ftp.redhat.com/pub/updates.
--
Bryan C. Andregg * <bandregg redhat com> * Red Hat Software
"So hang the brand-name ego at the door and think about what I'm saying" -
Peter Da Silva
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]