Bug 33107 (CVE-2001-1487) - VUL-0: CVE-2001-1487: Minor security problems in qpopper's popauth
Status: RESOLVED FIXED
Alias: CVE-2001-1487
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: All Linux
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Arvin Schnell
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2001-1487: CVSS v2 Base Score: 4....
Keywords:
Depends on:
Blocks:
 
Reported: 2002-08-20 23:26 UTC by Olaf Kirch
Modified: 2021-09-28 07:55 UTC

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
Patch for the bugs mentioned in the text (2.21 KB, patch)
2002-08-20 23:28 UTC, Olaf Kirch
Description Olaf Kirch 2002-08-20 23:26:17 UTC
I found two security issues with popauth:

 -	The -trace switch lets you write the debug log to any file
	owned by user pop.

 -	The logit() function has a subtle and possibly harmless buffer
	overflow because it thinks snprintf returns negative values
	when the buffer would overflow. However, it returns the number
	that would be written if the buffer were large enough. This
	makes the iLeft -= iChunk subtraction underflow, and iLeft
	will become a large positive number.

Will attach patch.
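
The snprintf accounting problem described above, as an added example that is not part of the original report and is not qpopper's code. The names iLeft and iChunk come from the report; the function names, the buffer size, the unsigned type of iLeft and the sample message are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

/* Accounting as the report describes it: only a negative snprintf()
 * result counts as "did not fit". Returns the resulting iLeft.
 * Assumption: iLeft is unsigned, so the subtraction wraps. */
static size_t append_flawed(char *buf, size_t used, size_t iLeft, const char *s)
{
    int iChunk = snprintf(buf + used, iLeft, "%s", s);
    if (iChunk < 0)
        return iLeft;
    return iLeft - (size_t)iChunk;      /* wraps when iChunk > iLeft */
}

/* Checked variant: a result >= iLeft means the output was truncated.
 * Keeps the truncated text, clamps the counters and returns -1. */
static int append_checked(char *buf, size_t *used, size_t *iLeft, const char *s)
{
    if (*iLeft == 0)
        return -1;                      /* no room even for the NUL */
    int iChunk = snprintf(buf + *used, *iLeft, "%s", s);
    if (iChunk < 0) {
        buf[*used] = '\0';              /* encoding error: keep old text */
        return -1;
    }
    if ((size_t)iChunk >= *iLeft) {
        *used += *iLeft - 1;            /* iLeft-1 bytes plus NUL written */
        *iLeft = 1;
        return -1;
    }
    *used += (size_t)iChunk;
    *iLeft -= (size_t)iChunk;
    return 0;
}

int main(void)
{
    char buf[16];
    const char *msg = "a message longer than sixteen bytes"; /* constructed */
    size_t used = 0, left = sizeof buf;

    printf("flawed iLeft: %zu\n", append_flawed(buf, 0, sizeof buf, msg));
    int rc = append_checked(buf, &used, &left, msg);
    printf("checked rc=%d used=%zu iLeft=%zu buf=\"%s\"\n", rc, used, left, buf);
    return 0;
}
```

With the flawed accounting, the wrapped iLeft would be passed as the size limit of the next snprintf call, so that call would no longer be bounded by the real buffer.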
Comment 1 Olaf Kirch 2002-08-20 23:28:46 UTC
Created attachment 10193
Patch for the bugs mentioned in the text
Comment 2 Arvin Schnell 2002-08-21 21:04:44 UTC
I have added the patch to qpopper in stable. If you want further
action, please say so.
Comment 3 Olaf Kirch 2002-08-21 21:09:20 UTC
No, that's just fine. Thanks a lot!

Olaf
Comment 4 Marcus Meissner 2007-03-23 15:47:09 UTC
-trace looks like CVE-2001-1487

Comment 5 Thomas Biege 2009-10-13 19:31:31 UTC
CVE-2001-1487: CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)