Qpopper 3.0b*
-------

CVE:
CAN-2000-0096


Details:
Qpopper's LIST command can be overflowed to gain execute privledges as the
user ID and possibly read privledges as the mail GID.


Fix:
Upgrade to the latest version of qpopper (http://www.eudora.com/qpopper/#CURRENT)


Related URLs:
http://www.securityfocus.com/bid/948

$Id: qpopper3-0b,v 1.1 2001/07/09 19:36:38 dkp Exp $
