This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.
The remote POP3 server is affected by multiple file handling flaws.
According to its banner, the remote host is running a version of the
Qpopper POP3 server that suffers from two local, insecure file
handling vulnerabilities. First, it fails to properly drop root
privileges when processing certain local files, which could lead to
overwriting or creation of arbitrary files as root. And second, it
fails to set the process umask, potentially allowing creation of
group- or world-writable files.
See also :
Upgrade to Qpopper 4.0.6 or later.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.3
Public Exploit Available : true
Nessus Plugin ID: 18361 ()
Bugtraq ID: 13714
CVE ID: CVE-2005-1151CVE-2005-1152
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.