GEN:SID 1:290
Message POP3 EXPLOIT qpopper overflow
Summary This event is generated when an attempt is made to exploit a buffer overflow in Qualcomm qpopper.
Impact Remote access.  This attack may permit the execution of arbitrary commands with the privileges of root on the vulernable server.
Detailed Information A buffer overflow exploit exists in version 3.x of Qualcomm qpopper daemon, permitting the execution of arbitrary commands with the privileges of root.  The buffer overflow vulnerability is present because of improper bounds checking associated with vsprintf() and sprintf() calls in pop_msg.c.
Affected Systems Qualcomm qpopper 3.0 b20
Qualcomm qpopper 3.0
Attack Scenarios An attacker may exploit the qpopper buffer overflow vulnerability, permitting the execution of arbitrary commands with the privileges of root on the vulnerable server.
Ease of Attack Simple.  Exploit code is freely available.
Corrective Action Upgrade to qpopper3.0b22
Additional References CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0822

Bugtraq
http://www.securityfocus.com/bid/830
Rule References bugtraq: 830
cve: 1999-0822
nessus: 10184