[24701] in bugtraq
Bug in QPopper (All Versions?)
daemon@ATHENA.MIT.EDU (Dustin Childers)
Fri Mar 15 14:57:17 2002
Date: 15 Mar 2002 01:51:10 -0000
Message-ID: <20020315015110.14475.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Dustin Childers <dustin@acm.org>
To: bugtraq@securityfocus.com
Description:
When sending a string that has 2048+ characters in
it, the
in.qpopper or popper process will begin to use
massive
amounts of CPU and will not stop until it is manually
killed.
Versions Affected:
I tested this on 4.0.1 and 4.0.3.
4.0.2 is probably vulnerable also.
Older versions may also be vulnerable. I haven't
tested those.
This works locally and remotely.
Patch Information:
I attempted to patch this but I was not successful. I
found
that the most reasonable place for this would be the
msg_buf
in popper/main.c or msg_buf in
password/poppassd.c.
Dustin E. Childers
Security Administrator
http://www.digitux.net/
