LinuxSA Mailing list archives
Index:
[thread]
[date]
[subject]
[author]
From: Daryl Tester <dt@picknowl.com.au>
To : LinuxSA@linuxsa.org.au
Date: Wed, 19 Apr 2000 01:44:16 +0930
Re: Buffer overflows in IMAPD in RH latest ...
Dan Shearer wrote:
> This is not to say that Cyrus won't have an identical problem tomorrow, of
> course. People might claim that UW imapd gets hammered harder because it
> is used more <shrug>. I like Cyrus' internal design better though.
As a followup to this, the author of UW IMAP posted a very "interesting"
response to the original Bugtraq message (sed s/interesting/scary/).
He gives the impression that he doesn't regard this as a problem as the
IMAP daemon has already dropped root privileges at this point, and
therefore doesn't need fixing. I'd recommend that people steer clear
of this daemon - there have been root exploits for it before, and it
wouldn't come as a shock if there were again.
Regards,
Daryl Tester
--
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject
Index:
[thread]
[date]
[subject]
[author]
Return to the LinuxSA Mailing List Information Page