cmd5checkpw Qmail Remote Password Retrieval Vulnerability

The author notes that "this vulnerability has been fixed in the latest 0.22 version of cmd5checkpw, available from

the qmail-smtpd-auth patch is also fixed now. When the child crashes it returns propper error message now. Grab the latest version (0.26) from:


Privacy Statement
Copyright 2010, SecurityFocus