> Affected versions 4.0.3 and 4.0.4. default install.
> Servers, not processing user`s configuration file
> (~/.qpopper-options) are insensible to this bug.
Our testing has shown that you must use the -u parameter to be susceptible
to this vulnerability.
If you don't use the -u parameter for qpopper this file is not accessed.
You can use the -d parameter to view the debug output to verify this.
Mike
UNIX Systems Administrator at Wake Forest University.
======================================================================
J. Mike Rollins [EMAIL PROTECTED]
Wake Forest University http://www.wfu.edu/~rollins
Winston-Salem, NC work: (336) 758-1938
======================================================================
