[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] qpopper exploit?

Subject: [cobalt-users] qpopper exploit?
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Tue Mar 13 15:14:20 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Is there a qpopper exploit?
I have 4 servers, and all of them had this kind of an entry.
********************** This on one server:
Security Violations
=-=-=-=-=-=-=-=-=-=
Mar 13 16:36:36 fsn0 in.qpopper[3403]: EOF from  at 209.217.53.174
(209.217.53.174): [0] 29 (Illegal seek); 0 (Success)
Mar 13 16:36:36 fsn0 in.qpopper[3403]: (null) at 209.217.53.174
(209.217.53.174): -ERR POP EOF or I/O Error: 29 (Illegal seek); 0 (Success)

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Mar 13 17:00:01 fsn0 in.qpopper[4607]: (null) at 127.0.0.1 (127.0.0.1): -ERR POP
EOF or I/O Error: 32 (Broken pipe); 0 (Success)
Mar 13 16:45:01 fsn0 in.qpopper[3849]: (null) at 127.0.0.1 (127.0.0.1): -ERR POP
EOF or I/O Error: 32 (Broken pipe); 0 (Success)


************* And this on the other servers:
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Mar 13 16:41:22 fsn1 in.qpopper[12463]: connect from
aux-209-217-53-174.oklahoma.net
Mar 13 16:41:22 fsn1 in.qpopper[12464]: connect from
aux-209-217-53-174.oklahoma.net

Mar 13 16:41:24 fsn1 in.qpopper[30858]: @aux-209-217-53-174.oklahoma.net: -ERR
POP EOF received
Mar 13 16:41:24 fsn1 in.qpopper[30859]: @aux-209-217-53-174.oklahoma.net: -ERR
POP EOF received

Follow-Ups:
- RE: [cobalt-users] qpopper exploit?
  - From: Dee Dreslough

References:
- [cobalt-users] whats that ?
  - From: andreas \(@work\)

Prev by Date: [cobalt-users] raq 3 as a dns server
Next by Date: [cobalt-users] (Raq3) Solution to the cgiwrap problem?
Previous by thread: [cobalt-users] whats that ?
Next by thread: RE: [cobalt-users] qpopper exploit?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index