Date: Tue, 21 Jul 1998 08:55:49 +0930 From: Greg Lehey <grog@lemis.com> To: Val <val@hcol.net>, freebsd-questions@FreeBSD.ORG Subject: Re: Off topic - popper security Message-ID: <19980721085549.R12064@freebie.lemis.com> In-Reply-To: <Pine.BSF.3.96.980720155107.28050A-100000@ns.hcol.net>; from Val on Mon, Jul 20, 1998 at 04:29:40PM -0500 References: <Pine.BSF.3.96.980720155107.28050A-100000@ns.hcol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday, 20 July 1998 at 16:29:40 -0500, Val wrote: > This message probably doesn't belong to this list, but since i run freebsd > and complided popper as part of it, it would be interesting what you > think. Today i got a call from a concerned individual who is alleging > that trough the /usr/local/libexec/popper one can get into the system. > > Indicator is the syslog entry like this: > > Jul 20 11:23:33 ns popper[23620]: @ip250.white-plains3.ny.pub-ip.psi.net: > -ERR POP EOF received > ns popper[23623]: @ip250.white-plains3.ny.pub-ip.psi.net: -ERR Unknown > command: "^P^P^P^P^P^P^P^P^P^P...many times ^P^P^P^P^P^P^P" > > Did anyone hear about this problem? What is the usual way for resolving > these other than learning C and looking in the source code? Yes, this is a known problem, and yes, it looks as if somebody might be trying to exploit it. Download and build the latest version of the port from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/mail. Greg -- See complete headers for address and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980721085549.R12064>