Re: [TCLUG:2417] Security holes in IMAP

To: tclug-list@listserv.real-time.com
Subject: Re: [TCLUG:2417] Security holes in IMAP
From: "Troy Johnson" <troy@minco.com>
Date: Tue, 01 Dec 1998 11:33:57 -0600

	I read it too, linked from slashdot, but I don't know if IMAP
has any weaknesses right now. In the article they pointed out the
problem was addressed by an rpm update (from Redhat) 6 months ago
(when the problem was found) though. The article did seem a bit short
on specifics and long on fud.
	By the end I was expecting questions like "How does that make
you feel?" followed a lengthy response about how using Linux made
someone feel "cheap" and "used" all because they "didn't upgrade a
stinkin' package". :-P

Troy

>>> "Eric Hillman" <ehillman@cccu.com> 12/01 10:42 AM >>>
I've heard that there were security holes in IMAP -- this news story
recently ran on ZDNet mentioning a worm being used to exploit them.

http://www.zdnet.com/zdnn/stories/news/0,4586,2169798,00.html 

  The reason I'm interested is that recently the ipfwadm setup I have
on my
home Linux server (modified from Tom Cross' "slatch" scripts)
registered
unauthorized access attempts on the IMAP port -- two within a week,
in fact.

  Does anybody know if this is a concern for more recent versions of
IMAP?
The article says it mostly affects users of RedHat 5.0, which strikes
me as
FUDdishly vague.  Also, it doesn't mention exactly what it is this
worm
*does*, or how to tell if your system might have been infected.


---------------------------------------------------------------------
To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com

For additional commands, e-mail:
tclug-list-help@listserv.real-time.com

Try our website: http://tclug.real-time.com

Prev by Date: Re: [TCLUG:2411] ssh RPM
Next by Date: TCLUG in ComputerUser magazine?
Prev by thread: Re: [TCLUG:2417] Security holes in IMAP
Next by thread: TCLUG in ComputerUser magazine?
Index(es):
- Date
- Thread