• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Univ. of Washington pop2d Buffer Overflow Vulnerability

Solution:
Upgrade to the pop2d version 4.51 or later which is part of the imap 4.5 package. You are also recommended to compile pop2d without support for anonymous proxing.

Debian has released the following fixed packages for Debian Linux 2.1:

Source archives:

http://security.debian.org/dists/stable/updates/source/imap_4.5-0slink2.diff.gz
MD5 checksum: 606f893869069eee68f4c1e31392af29
http://security.debian.org/dists/stable/updates/source/imap_4.5-0slink2.dsc
MD5 checksum: 93ed80a3619586ff9f3246003aca2448
http://security.debian.org/dists/stable/updates/source/imap_4.5.orig.tar.gz
MD5 checksum: 59afe4be5fcd17c20d241633a4a3d0ac

Sun Sparc architecture:

http://security.debian.org/dists/stable/updates/binary-sparc/c-client-dev_4.5-0slink2_sparc.deb
MD5 checksum: 2de5363a3ea9f27c1aa064c3102567cc

http://security.debian.org/dists/stable/updates/binary-sparc/imap_4.5-0slink2_sparc.deb
MD5 checksum: 87638b6ad06094f30ff6d2dddfd10b8b

http://security.debian.org/dists/stable/updates/binary-sparc/ipopd_4.5-0slink2_sparc.deb
MD5 checksum: aa6621e2f7e2df751489c397e9e169a8

Intel ia32 architecture:

http://security.debian.org/dists/stable/updates/binary-i386/c-client-dev_4.5-0slink2_i386.deb
MD5 checksum: fd92656c7281a4d8322b6da1285475cd

http://security.debian.org/dists/stable/updates/binary-i386/imap_4.5-0slink2_i386.deb
MD5 checksum: c92eaece7e431c84708909362afad07d

http://security.debian.org/dists/stable/updates/binary-i386/ipopd_4.5-0slink2_i386.deb
MD5 checksum: 29685847b0eef8307383a428b1d02be2

Motorola 680x0 architecture:

http://security.debian.org/dists/stable/updates/binary-m68k/c-client-dev_4.5-0slink2_m68k.deb
MD5 checksum: eeab449299e9f2d3fc97db69110b4432

http://security.debian.org/dists/stable/updates/binary-m68k/imap_4.5-0slink2_m68k.deb
MD5 checksum: 4bd0fbaa392b6013f6caa33b04578764

http://security.debian.org/dists/stable/updates/binary-m68k/ipopd_4.5-0slink2_m68k.deb
MD5 checksum: d43f502971afc531923903f3ac7b5b3f

Alpha architecture:

http://security.debian.org/dists/stable/updates/binary-alpha/c-client-dev_4.5-0slink2_alpha.deb
MD5 checksum: 6732ae9495ee29590ed85cc482fbda97

http://security.debian.org/dists/stable/updates/binary-alpha/imap_4.5-0slink2_alpha.deb
MD5 checksum: d0ee05b972d5d1bc1d066e2bae4d8c8b

http://security.debian.org/dists/stable/updates/binary-alpha/ipopd_4.5-0slink2_alpha.deb
MD5 checksum: 89c3931092537d0eb23fb50fa57f1bb0

RedHat has made the following RPMs available to fix the problem:

Red Hat Linux 4.x:
------------------
On alpha:
rpm -Uvh ftp://updates.redhat.com/4.2/alpha/imap-4.5-0.4.2.alpha.rpm
On i386:
rpm -Uvh ftp://updates.redhat.com/4.2/i386/imap-4.5-0.4.2.i386.rpm
On sparc:
rpm -Uvh ftp://updates.redhat.com/4.2/sparc/imap-4.5-0.4.2.sparc.rpm
The source is available at
ftp://updates.redhat.com/4.2/SRPMS/imap-4.5-0.4.2.src.rpm

Red Hat Linux 5.x:
------------------
On alpha:
rpm -Uvh ftp://updates.redhat.com/5.2/alpha/imap-4.5-0.5.2.alpha.rpm
On i386:
rpm -Uvh ftp://updates.redhat.com/5.2/i386/imap-4.5-0.5.2.i386.rpm
On sparc:
rpm -Uvh ftp://updates.redhat.com/5.2/sparc/imap-4.5-0.5.2.sparc.rpm
The source is available at
ftp://updates.redhat.com/5.2/SRPMS/imap-4.5-0.5.2.src.rpm