[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:06924] APOP ( Bug#JP/433: marked as done (mh-ja: Overwrite problem (/usr/man/man8/popauth.8.gz)) )

From: tsuchiya@xxxxxxxxxxxxxxxxxxxxxxx (Masatoshi Tsuchiya)
Subject: [debian-users:06924] APOP ( Bug#JP/433: marked as done (mh-ja: Overwrite problem (/usr/man/man8/popauth.8.gz)) )
Date: Sat, 11 Jul 1998 16:45:45 +0900
X-ml-info: If you have a question, send a mail with the body "# help" (without quotes) to the address debian-users-ctl@debian.or.jp
X-ml-name: debian-users
X-mlserver: fml [fml 2.1A#45]; post only from members
Message-id: <199807110745.QAA23652@xxxxxxxxxxxxxxxxxxxxxxxx>
X-mail-count: 06924
X-mailer: mnews [version 1.21PL4] 1998-06/01(Mon)

土屋です。


1998年07月11日にownerさんは書きました。
 > /usr/man/man8/popauth.8 が qpopper と衝突する件ですが、
 > APOP を使わないようにしてコンパイルすることで、対処しました。

これ、いいんでしょうか。

POP は平文でパスワードを送信してしまうため、Packet Sniffer に対
してに非常に脆弱です。そのため、最近は APOP を使うところがかなり
増えています。

# Packet Sniffer : ネットワーク上のパケットを見て、パスワードを
# 盗み出す攻撃。CERT Advisory の 
# CA-95:03a.telnet.encryption.vulnerability や
# CA-95:18.widespread.attacks を参照。

============================================================
=  土屋 雅稔  ( Tsuchiya Masatoshi )                       =
=    E-mail : tsuchiya@xxxxxxxxxxxxxxxxxxxxxxx             =
=    http://www-nagao.kuee.kyoto-u.ac.jp/member/tsuchiya/  =
============================================================

References:
- [debian-users:06920] Bug#JP/433: marked as done (mh-ja: Overwrite problem (/usr/man/man8/popauth.8.gz))
  - From: owner

Prev by Date: [debian-users:06923] Re: Date field is +0000 in mh-ja
Next by Date: [debian-users:06925] Re: デジカメ
Previous by thread: [debian-users:06920] Bug#JP/433: marked as done (mh-ja: Overwrite problem (/usr/man/man8/popauth.8.gz))
Next by thread: [debian-users:06860] Input Japanese Character via kinput2 (tcl/tk 8.0)
Index(es):
- Date
- Thread