UW-IMAPD (was Re: [Gllug] Servers and other irritations...)

itsbruce at uklinux.net itsbruce at uklinux.net
Tue Aug 6 12:22:55 UTC 2002


On Tue, Aug 06, 2002 at 01:11:53PM +0100, Stephen Harker wrote:
> On Thursday 01 August 2002 16:10, Mike Brodbelt wrote:
> > * Matthew Kirkwood <matthew at hairy.beasts.org> [020801 00:36]:
> > > [0] Actually, imap in general terrifies me, and only
> > >     because of the number of poor unfortunate boxes I
> > >     have seen r00t3d through the WU imapd.
> >
> > Some years ago, my dial-up goot rooted through UW-IMAP. Being a dial up,
> > I hadn't been paying that much attention to security.....
> >
> > Mike.
> Is UW-IMAP well known for knackering systems? 

There have been vulnerabilities in both the imap server and the
underlying c-client library.

http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-04-15&thread=200004171304.PAA06635@rincewind.msc-media.de

> Should I be worried about using 
> it? I use it here at work for the company but there are only about 30 users 
> on it so it doesn't work that hard. 

It's not going to trash your system and you don't need a more complex
imap server.  Just keep track of security announcements and make sure
the box is hardened.


-- 
Bruce

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list