ID de Prueba:	1.3.6.1.4.1.25623.1.0.11376
Categoría:	Gain a shell remotely
Título:	qpopper Qvsnprintf buffer overflow
Resumen:	NOSUMMARY
Descripción:	Description: The remote qpopper server, according to its banner, is vulnerable to a one-byte overflow it its function Qvsnprintf(). An attacker may use this flaw to gain a (non-root) shell on this host, provided that he has a valid POP account to log in with. *** This test could not confirm the existence of the *** problem - it relied on the banner being returned. Solution : Upgrade to version 4.0.5cf2 or newer Risk factor : High
Referencia Cruzada:	BugTraq ID: 7058 Common Vulnerability Exposure (CVE) ID: CVE-2003-0143 http://www.securityfocus.com/bid/7058 Bugtraq: 20030310 QPopper 4.0.x buffer overflow vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104739841223916&w=2 Bugtraq: 20030312 Re: QPopper 4.0.x buffer overflow vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104748775900481&w=2 Bugtraq: 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper) (Google Search) http://marc.info/?l=bugtraq&m=104768137314397&w=2 Debian Security Information: DSA-259 (Google Search) http://www.debian.org/security/2003/dsa-259 http://marc.info/?l=bugtraq&m=104792541215354&w=2 SuSE Security Announcement: SuSE-SA:2003:018 (Google Search) http://www.novell.com/linux/security/advisories/2003_018_qpopper.html XForce ISS Database: qpopper-popmsg-macroname-bo(11516) https://exchange.xforce.ibmcloud.com/vulnerabilities/11516
Copyright	This script is Copyright (C) 2003 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.