Anyone considering letting POP3 or IMAP through the firewall,
especially inwards,should be aware of the popd and imapd
vulnerabilities in a recent CERT advisory:
ftp://info.cert.org/pub/cert_advisories/CA-97.09.imap_pop
On Mon, 7 Apr 1997, Scott Fagg wrote:
> Based on the responses i got from my first post and some searching
> i did, it seems that there are a number of POP proxy solutions.
>
> I've tried one and have another to try later today.
>
> This brings up the next question.
>
> If i do install a POP proxy, controlled by tcpd, netacl or some
> other wrapper, once the daemon has started, how long does it hang
> around? (i guess ps would answer that) and if it does hang around,
> would this mean that the control that tcpd/netacl had in
> starting it would be lost (ie any one can connect) My assumption
> is that it would, but this seems a little bit too 'open'?
>
> regards,
>
>
>
>
References:
|
|
