Test ID:	1.3.6.1.4.1.25623.1.0.10948
Category:	Buffer overflow
Title:	qpopper options buffer overflow
Summary:	The remote qpopper server, according to its banner, is; running version 4.0.3 or version 4.0.4. These versions; are vulnerable to a buffer overflow if they are configured; to allow the processing of a user's ~/.qpopper-options file.
Description:	Summary: The remote qpopper server, according to its banner, is running version 4.0.3 or version 4.0.4. These versions are vulnerable to a buffer overflow if they are configured to allow the processing of a user's ~ /.qpopper-options file. Vulnerability Impact: A local user can cause a buffer overflow by setting the bulldir variable to something longer than 256 characters. Solution: Upgrade to the latest version, or disable processing of user option files. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2001-1046 BugTraq ID: 2811 http://www.securityfocus.com/bid/2811 Bugtraq: 20010602 Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd) (Google Search) http://www.securityfocus.com/archive/1/188267 Caldera Security Advisory: CSSA-2001-SCO.8 http://archives.neohapsis.com/archives/linux/caldera/2001-q3/0006.html http://marc.info/?l=vuln-dev&m=98777649031406&w=2 XForce ISS Database: qpopper-username-bo(6647) https://exchange.xforce.ibmcloud.com/vulnerabilities/6647
Copyright	Copyright (C) 2002 Thomas Reinke

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.