exploits , vulnerabilities , articles , Qpopper Multiple Insecure File Handling Vulnerabilities

Title	Qpopper Multiple Insecure File Handling Vulnerabilities
Published	2005-05-23-12:00AM
Updated	2005-08-11-09:11PM
Class	Design Error
CVE	CAN-2005-1151 CAN-2005-1152
Remote	No
Local	Yes
Credit	Jens Steube as well as the vendor are credited with the discovery of these issues.
Vulnerable	S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SuSE eMail Server III S.u.S.E. SuSE eMail Server 3.1 S.u.S.E. OpenEnterpriseServer 9.0 S.u.S.E. Linux Professional 8.2 S.u.S.E. Linux Professional 7.3 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux Openexchange Server S.u.S.E. Linux Office Server S.u.S.E. Linux IMAP Server 1.0 S.u.S.E. Linux Enterprise Server for S/390 9.0 S.u.S.E. Linux Enterprise Server for S/390 S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Enterprise Server 7 S.u.S.E. Linux Desktop 1.0 S.u.S.E. Linux Database Server S.u.S.E. Linux Connectivity Server S.u.S.E. Linux 8.1 S.u.S.E. Linux 8.0 i386 S.u.S.E. Linux 8.0 S.u.S.E. Linux 7.3 sparc S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 i386 S.u.S.E. Linux 7.3 S.u.S.E. Linux 7.2 i386 S.u.S.E. Linux 7.2 S.u.S.E. Linux 7.1 x86 S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.0 sparc S.u.S.E. Linux 7.0 ppc S.u.S.E. Linux 7.0 i386 S.u.S.E. Linux 7.0 alpha S.u.S.E. Linux 7.0 S.u.S.E. Linux 6.4 ppc S.u.S.E. Linux 6.4 i386 S.u.S.E. Linux 6.4 alpha S.u.S.E. Linux 6.4 S.u.S.E. Linux 6.3 ppc S.u.S.E. Linux 6.3 alpha S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.2 S.u.S.E. Linux 6.1 alpha S.u.S.E. Linux 6.1 S.u.S.E. Linux 6.0 S.u.S.E. Linux 5.3 S.u.S.E. Linux 5.2 S.u.S.E. Linux 5.1 S.u.S.E. Linux 5.0 S.u.S.E. Linux 4.4.1 S.u.S.E. Linux 4.4 S.u.S.E. Linux 4.3 S.u.S.E. Linux 4.2 S.u.S.E. Linux 4.0 S.u.S.E. Linux 3.0 S.u.S.E. Linux 2.0 S.u.S.E. Linux 1.0 Qualcomm qpopper 4.0.4 Qualcomm qpopper 4.0.3 Caldera OpenServer 5.0.5 Caldera OpenServer 5.0.6 Qualcomm qpopper 4.0.2 Qualcomm qpopper 4.0.1 Qualcomm qpopper 4.0 b14 Qualcomm qpopper 4.0 3 Qualcomm qpopper 4.0 2 Qualcomm qpopper 4.0 1 Qualcomm qpopper 4.0 Qualcomm qpopper 3.1 Qualcomm qpopper 3.0.2 Qualcomm qpopper 3.0.1 b2 Qualcomm qpopper 3.0.1 Qualcomm qpopper 3.0 beta9 Qualcomm qpopper 3.0 beta8 Qualcomm qpopper 3.0 beta7 Qualcomm qpopper 3.0 beta6 Qualcomm qpopper 3.0 beta5 Qualcomm qpopper 3.0 beta4 Qualcomm qpopper 3.0 beta31 Qualcomm qpopper 3.0 beta30 Qualcomm qpopper 3.0 beta3 Qualcomm qpopper 3.0 beta29 Qualcomm qpopper 3.0 beta28 Qualcomm qpopper 3.0 beta27 Qualcomm qpopper 3.0 beta26 Qualcomm qpopper 3.0 beta25 Qualcomm qpopper 3.0 beta24 Qualcomm qpopper 3.0 beta23 Qualcomm qpopper 3.0 beta22 Qualcomm qpopper 3.0 beta21 Qualcomm qpopper 3.0 beta20 Qualcomm qpopper 3.0 beta2 Qualcomm qpopper 3.0 beta19 Qualcomm qpopper 3.0 beta18 Qualcomm qpopper 3.0 beta17 Qualcomm qpopper 3.0 beta16 Qualcomm qpopper 3.0 beta15 Qualcomm qpopper 3.0 beta14 Qualcomm qpopper 3.0 beta13 Qualcomm qpopper 3.0 beta12 Qualcomm qpopper 3.0 beta11 Qualcomm qpopper 3.0 beta10 Qualcomm qpopper 3.0 beta1 Qualcomm qpopper 3.0 b20 Qualcomm qpopper 3.0 Qualcomm qpopper 2.53 Qualcomm qpopper 2.52 Qualcomm qpopper 2.4 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia64 Debian Linux 3.1 ia32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0
Not Vulnerable	Qualcomm qpopper 4.0.5
Code	An exploit is not required.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-16 ZABBIX Denial Of Service and SQL Injection Vulnerabilities
• 2009-12-16 IBM WebSphere Application Server JNDI Remote Information Disclosure Vulnerability
• 2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
• 2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
• 2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
• 2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
• 2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
• 2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
• 2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
• 2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 01:22:32 +0000