This exploit was reported on 7/14/2000:
A vulnerability exists in versions of the ipop2d daemon,
through version 4.55. ipop2d is part of the University of
Washington imap package. Versions through 4.7c of the imap
package are affected. Any user who has a pop account on the
machine can view any world or group readable file on the file
system. While on a shell account this is not a vulnerability,
on a machine where a user only has POP access, this could
result in the disclosure of information that might be useful in
gaining information about other users on the system. This
could in turn potentially be used to gain further access to the
machine.
For this vulnerability to exist, the user must have an account
on the system in question. This account does not need shell
level access.
ipop2d, and the imap package, will run on many varieties of
Unix and Unix-like operating systems.
bugtraq id
1484
object
pop2d (exec)
class
Access Validation Error
cve
GENERIC-MAP-NOMATCH
remote
No
local
Yes
published
July 14, 2000
updated
July 19, 2000
vulnerable
University of Washington pop2d 4.55
+ University of Washington imap 4.7c
+ University of Washington imap 4.7b
+ University of Washington imap 4.7a
+ University of Washington imap 4.7
University of Washington pop2d 4.54
+ University of Washington imap 4.6
University of Washington pop2d 4.51
+ University of Washington imap 4.5
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
University of Washington pop2d 4.46
+ University of Washington imap 4.4
Cole Tuininga wrote:
>
> Question for you folks - we've been getting a lot of scans on our
> machines for open pop-2/port 109 (not pop-3) ports? Anybody here
> anything about some kind of exploits regarding this recently? Is it a
> new fad to install Back Orifice on 109 and so people are scanning us for
> it?
>
> Any thoughts?
>
> --
> The Lord's Prayer is 66 words, the Gettysburg Address is 286 words,
> there
> are 1,322 words in the Declaration of Independance, but government
> regulations on the sale of cabbage total 26,911 words.
>
> Cole Tuininga
> Network Admin
> Code Energy, Inc
> [EMAIL PROTECTED]
> (603) 766-2208
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
