qpopper < 4.0.5fc2 Qvsnprintf Remote Overflow
Medium Nessus Network Monitor Plugin ID 1786
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote qpopper server, according to its banner, is vulnerable to a one-byte overflow in the function Qvsnprintf(). An attacker may use this flaw to gain a (non-root) shell on this host, provided that the attacker has a valid POP account to log in with.
SolutionUpgrade to version 4.0.5fc2 or higher.