Qualcomm qpopper Username Buffer Overflow Vulnerability
Qualcomm popper, or 'qpopper', is a POP3 server, enabling POP3 clients to read and download mail.
In version 4, a buffer overflow vulnerability was introduced into the qpopper source tree. This buffer overflow is related to handling of the client-supplied username and is present when a POP3 session is being initiated.
It is believed that the overflow occurs before authentication, so it may not be required that users have valid POP accounts.
This vulnerability can lead to a compromise of root privileges to remote attackers.