|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Qpopper v4.0.x poppassd local root exploit
From: Randall Gellens (rg_public.1
flagg.qualcomm.com)
Date: Wed Apr 30 2003 - 06:35:20 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm working on a fix, but would like to point out that poppassd is
not built nor installed by default. Also, poppassd is an inherently
insecure protocol that sends both the current and new passwords in
the clear, and in general should only be used with full understanding
of the situation.
--
Randall Gellens
rg_public.1flagg.qualcomm.com
Opinions are personal; facts are suspect; I speak for myself only
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]