From p.checchi@agora.it Wed Jul  1 13:06:08 1998
From: p.checchi@agora.it
To: users@lists.opensuse.org
Subject: [S.u.S.E. Linux] My S.u.S.E. linux hackered. POPPER 2.2.
Date: Wed, 01 Jul 1998 15:06:08 +0200
Message-ID: <000401bda4f1$035a11f0$1aa5f7c2@ik0xfa>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4889541050197988193=="

--===============4889541050197988193==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit




This morning a person different than me gain root access
to my linux system I administrate at university.
Fortunately was a friend of mine.

My linux system is 5.1 suse, but also the 5.2 version is vulnerable.

The problem is popper, listening on port 110.

I suggest to secure-wrap it or apply the patch.

For additional info you can see www.rootshell.com or the bugtraq archive
mailing list.

The exploit is on-air from 29-06.

Please patch asap.

-
To get out of this list, please send email to majordomo@suse.com with
this text in its body: unsubscribe suse-linux-e

--===============4889541050197988193==--


From bb@suse.com Thu Jul  2 22:35:38 1998
From: bb@suse.com
To: users@lists.opensuse.org
Subject: Re: [S.u.S.E. Linux] My S.u.S.E. linux hackered. POPPER 2.2.
Date: Thu, 02 Jul 1998 15:35:38 -0700
Message-ID: <359C0B3A.6F6196E2@suse.com>
In-Reply-To: <000401bda4f1$035a11f0$1aa5f7c2@ik0xfa>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2094922575669186549=="

--===============2094922575669186549==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable




Pierluigi Checchi wrote:
>=20
> This morning a person different than me gain root access
> to my linux system I administrate at university.
> Fortunately was a friend of mine.
>=20
> My linux system is 5.1 suse, but also the 5.2 version is vulnerable.
>=20
> The problem is popper, listening on port 110.
>=20
> I suggest to secure-wrap it or apply the patch.
>=20
> For additional info you can see www.rootshell.com or the bugtraq archive
> mailing list.
>=20
> The exploit is on-air from 29-06.

You can find a new version of popper on our ftp site!

Ciao,
        BB


--=20
Bodo Bauer            S.u.S.E., LLC                  fon +1-510-835 7873=20
bb@suse.de            458 Santa Clara Avenue         fax +1-510-835 7875
<A HREF=3D"http://www.suse.com"><A HREF=3D"http://www.suse.com</A">http://www=
.suse.com</A</A>>   Oakland CA, 94610  USA
-
To get out of this list, please send email to majordomo@suse.com with
this text in its body: unsubscribe suse-linux-e


--===============2094922575669186549==--