| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200303121319.51327.grok@tnt.pl> Date: Wed, 12 Mar 2003 13:19:51 +0000 From: Jaroslaw Zachwieja <grok@....pl> To: bugtraq@...urityfocus.com Subject: Re: QPopper 4.0.x buffer overflow vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On pon 10. marca 2003 14:31, Florian Heinz wrote: > http://nstx.dereference.de/snippets/qex.c > Feedback is welcome. Enforcing TLS/SSL is a temprorary workaround against script-kiddies - exploit (out-of-the-box) will not be able to authenticate. (there is a user foobar, with passwd "lalala" on the system) $ ./qex rootbox foobar lalala Phase 1: Seeking buffer size Connecting to xxx.xxx.xxx.xxx... Logging in... Could not log in. Did you provide a valid username/password-combination? Exiting due to error... that's becouse: $ telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK ready user foobar - -ERR [AUTH] You must use TLS/SSL or stronger authentication such as APOP to connect to this server quit Not a fix, but who sends plaintext passwords anyway :) Unfortunately, I must assume, that at some point some "friendly" soul will equip qex with TLS/SSL. What is the vendor response on that? - -- grok GPG public key at http://www.keyserver.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+bzP3ANulANzEW40RArDsAJ43VBZhYJXdhWsyGXT59LfwbJkH8wCgs+FW 8g4LLzXZ/D71rkaVjDRBR0c= =CVSC -----END PGP SIGNATURE-----
Powered by blists - more mailing lists