> ************** Corinne Posse Security Notice **************
> Issue Number 4-970424
> Topic: Possible buffer overflow in pop3d
> ************** http://corinne.mac.edu/posse **************
>
> *pop3d-1.00.4 (BSD 4.3-based pop3d servers) USER buffer overflow*
>
> Affected Sites:
> Systems running OLD versions of pop3d, namely 1.00.4,
> based on the "original" BSD 4.3 Virtual VAX pop3d by Katie Stevens. This
This code has not been changed as of pop3d-1.005e, which was released
January 19, 1997, and thus it still appears to be vulnerable. As far as
I know, this is the latest release of the BSD 4.3 based pop3d.
George