GEN:SID | 1:290 |
Message | POP3 EXPLOIT qpopper overflow |
Summary | This event is generated when an attempt is made to exploit a buffer overflow in Qualcomm qpopper.
|
Impact | Remote access. This attack may permit the execution of arbitrary commands with the privileges of root on the vulernable server.
|
Detailed Information | A buffer overflow exploit exists in version 3.x of Qualcomm qpopper daemon, permitting the execution of arbitrary commands with the privileges of root. The buffer overflow vulnerability is present because of improper bounds checking associated with vsprintf() and sprintf() calls in pop_msg.c.
|
Affected Systems | Qualcomm qpopper 3.0 b20 Qualcomm qpopper 3.0
|
Attack Scenarios | An attacker may exploit the qpopper buffer overflow vulnerability, permitting the execution of arbitrary commands with the privileges of root on the vulnerable server.
|
Ease of Attack | Simple. Exploit code is freely available.
|
Corrective Action | Upgrade to qpopper3.0b22
|
Additional References | CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0822
Bugtraq http://www.securityfocus.com/bid/830
|
Rule References | bugtraq: 830
cve: 1999-0822
nessus: 10184
|