[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redhat : Linux vulnerability in imapd

Subject: Redhat : Linux vulnerability in imapd
Date: Thu, 31 Jul 1997 12:16:10 -0700

Description: imapd allows root access

Platform: Linux systems

Status: waiting for fixed version

Authority: CERT advisory

UCI Resolution: recommend system administrators disable imapd

Linux system admins please note the enclosed CERT advisory about imapd.
Several systems on campus have been broken into recently, and it appears
that some of them were compromised using the imapd security hole. 

If you are not using imapd on your system, you should disable it by
editing /etc/inetd.conf and placing a "#" at the begining of the line
that has the entry for imapd.  Then find the pid of imapd and send it
a HUP signal.

If you are using imapd, you should still disable it until you can get
a fixed copy installed.

If you have any questions, please contact the Office of Academic Computing

Mike Iglesias
Office of Academic Computing

Details can be found at
and looking for the subject IMAP.

[This notice is a part of OAC's efforts to keep the campus informed of
potential computer security liabilities. 
Please send any questions or concerns to us at DCS@UCI.EDU]

Prev by Date: IRIX :fam vulnerability
Next by Date: DCSLIB : imapd (CERT Summary CS-97.04)
Previous by thread: IRIX :fam vulnerability
Next by thread: DCSLIB : imapd (CERT Summary CS-97.04)
Index(es):
- Date
- Thread