Gain a shell remotely : qpopper euidl problem

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.10423

Category: Gain a shell remotely

Title: qpopper euidl problem

Summary: NOSUMMARY

Description: Description:

You are using qpopper 2.53 (or newer in the 2.5x series) or 3.0.

There is a problem in this server which allows users who have a
pop account to gain a shell with the gid 'mail' by sending to
themselves a specially crafted mail.

Solution : Upgrade to the latest qpopper software
Risk factor : Medium

Cross-Ref: BugTraq ID: 1133
Common Vulnerability Exposure (CVE) ID: CVE-2000-0320
http://www.securityfocus.com/bid/1133
Bugtraq: 20000421 unsafe fgets() in qpopper (Google Search)
http://www.securityfocus.com/templates/archive.pike?list=1&msg=9763.000421@SECURITY.NNOV.RU
XForce ISS Database: qpopper-fgets-spoofing

Copyright This script is Copyright (C) 2000 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.10423
Category:	Gain a shell remotely
Title:	qpopper euidl problem
Summary:	NOSUMMARY
Description:	Description: You are using qpopper 2.53 (or newer in the 2.5x series) or 3.0. There is a problem in this server which allows users who have a pop account to gain a shell with the gid 'mail' by sending to themselves a specially crafted mail. Solution : Upgrade to the latest qpopper software Risk factor : Medium
Cross-Ref:	BugTraq ID: 1133 Common Vulnerability Exposure (CVE) ID: CVE-2000-0320 http://www.securityfocus.com/bid/1133 Bugtraq: 20000421 unsafe fgets() in qpopper (Google Search) http://www.securityfocus.com/templates/archive.pike?list=1&msg=9763.000421@SECURITY.NNOV.RU XForce ISS Database: qpopper-fgets-spoofing
Copyright	This script is Copyright (C) 2000 Renaud Deraison