Test ID:	1.3.6.1.4.1.25623.1.0.54108
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2003:018 (qpopper)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory SUSE-SA:2003:018. The Post-Office-Protocol- (POP-) Server qpopper (version 4) was vulnerable to a buffer overflow. The buffer overflow occurs after authentication has taken place. Therefore pop-users with a valid account can execute arbitrary code on the system running qpopper. Depending on the setup, the malicious code is run with higher privileges. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2003:018 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	BugTraq ID: 7058 Common Vulnerability Exposure (CVE) ID: CVE-2003-0143 http://www.securityfocus.com/bid/7058 Bugtraq: 20030310 QPopper 4.0.x buffer overflow vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104739841223916&w=2 Bugtraq: 20030312 Re: QPopper 4.0.x buffer overflow vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104748775900481&w=2 Bugtraq: 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper) (Google Search) http://marc.info/?l=bugtraq&m=104768137314397&w=2 Debian Security Information: DSA-259 (Google Search) http://www.debian.org/security/2003/dsa-259 http://marc.info/?l=bugtraq&m=104792541215354&w=2 SuSE Security Announcement: SuSE-SA:2003:018 (Google Search) http://www.novell.com/linux/security/advisories/2003_018_qpopper.html XForce ISS Database: qpopper-popmsg-macroname-bo(11516) https://exchange.xforce.ibmcloud.com/vulnerabilities/11516
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.