Intrusion Prevention

UW.POP2.FOLD.Overflow

Description

This indicates a buffer overflow vulnerability in University of Washington pop2d.

pop2d is a Post Office Protocol (POP) daemon. Due to inadequate input boundary checking, a remote user can execute arbitrary commands on a target system by passing it a specially-crafted FOLD command.

Affected Products

Any POP daemon that is based on University of Washington pop2d

Impact

An attacker can execute arbitrary command on a target system

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version.

CVE References

CVE-1999-0920

Other References

1