[14368] in bugtraq
Re: a few bugs ...
daemon@ATHENA.MIT.EDU (Coke)
Tue Mar 21 02:17:16 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <38D6D4F0.3DFE6572@tig.com.au>
Date: Tue, 21 Mar 2000 12:48:32 +1100
Reply-To: Coke <Coke@TIG.COM.AU>
From: Coke <Coke@TIG.COM.AU>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Michal Zalewski wrote:
>
> On Mon, 13 Mar 2000, Maurycy Prodeus wrote:
>
> > 1. In "Lotus Notes POP 1.0X" on NT platform. I'm not really sure ...
> > if you send a very long username ( about 2kb ) it disconnects without
> > any message. So it looks like classic buffer overflow :) I don't have
> > enough time to check it ( to download this packet :) )
>
> Have you noticed GPF popup or BSOD on this Windows box? Anyone may confirm
> this?
>
Just a little note: alot of windows server programs i've come accross
use their own error handlers, and mostly just silently re-init and keep
going when an overflow occurs, eg: warftpd 1.65, so just waiting for a
gpf popup or BSOD would miss quite a few.
