Popd buffer overflow vulnerability

Risk Level: High

Check or Attack Name: popimap

Platforms: Post Office Protocol (POP)

Description:

A vulnerability exists in both the University of Washington's and Mark Crispin's POP3 implementations that could allow a remote attacker to gain unauthorized root access. This same vulnerability affects the IMAP servers shipped with these packages.

Remedy:

Immediately disable the POP3 (and IMAP) server on your systems and obtain the latest version of POP3.

References:

CERT Advisory CA-97.09, Vulnerability in IMAP and POP, http://www.cert.org/advisories/CA-97.09.imap_pop.html

CERT Advisory CA-97.09, Vulnerability in IMAP and POP, http://www.cert.org/ftp/cert_advisories/CA-97.09.imap_pop

University of Washington, UW IMAP Information Center, http://www.washington.edu/imap/

SNI Security Advisory #21, Buffer Overflow in imapd and ipop3d, http://www.nai.com/nai_labs/asp_set/advisory/21_imap_adv.asp

Silicon Graphics Inc. Security Advisory 19980302-01-I, IMAP/POP Vulnerability, ftp://sgigate.sgi.com/security/19980302-01-I

