Exploit Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19869
Проверка EDB
  1. Пройдено
Автор
ALEX MOTTRAM
Тип уязвимости
DOS
Платформа
LINUX
CVE
cve-2000-1198
Дата публикации
2000-04-19
Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service
Код:
source: https://www.securityfocus.com/bid/1132/info

Vulnerabilities exist in a number of pop3 daemon implementations, having to do with their creation of lock files. Affected include Qualcomm's qpopper, and the popd included as part of the imap-4 rpm from RedHat. Lockfiles in both implementation are created with consistent local file names; the RedHat popd in /tmp, with a fairly random name (albeit consistent for a given user), and in the mail spool directory, with the user name prepended by a "." and appended with ".pop". Creation of either of these files will prevent the popd user from being able to establish a connection to retrieve their mail.

The FreeBSD port of imap-uw contains this vulnerability. It is not, however, included as a standard part of a FreeBSD install.

touch /var/mail/.username.pop
 
Источник
www.exploit-db.com

Похожие темы