https://www.exploit-db.com/exploits/21345
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200208-032

Qualcomm’sQPopper是Unix/Linux上的POP3Server，最近开始成为开放源码项目。某些版本的QPopper存在缓冲区溢出，当接收超过2048字符的串时，导致拒绝服务。QPopper开始占用大量的CPU资源，除非手动杀掉该进程。最有可能导致问题的地方是popper/main.c中的msg_buf或者password/poppassd.c的msg_buf。

source: http://www.securityfocus.com/bid/4295/info

Qualcomm's QPopper is a POP3 mail server for Linux and Unix based systems. Recent versions of QPopper have been released as open source projects.

A vulnerability has been reported in some versions of qpopper. Reportedly, if a string of longer than approximately 2048 characters is sent to the qpopper process, a denial of service condition will occur. 

perl -e '{print "A"x"2049"}' | netcat host.com 110

来源:BID
名称:4295
链接:http://www.securityfocus.com/bid/4295
来源:BUGTRAQ
名称:20020315BuginQPopper(AllVersions?)
链接:http://www.securityfocus.com/archive/1/262213
来源:XF
名称:qpopper-qpopper-dos(8458)
链接:http://www.iss.net/security_center/static/8458.php
来源:ftp.qualcomm.com
链接:ftp://ftp.qualcomm.com/eudora/servers/unix/popper/qpopper4.0.4.tar.gz