[8568] in bugtraq

home help back first fref pref prev next nref lref last post

SerialPOP DoS

daemon@ATHENA.MIT.EDU (Philip Stoev)
Mon Nov 16 12:34:43 1998

Date: 	Sun, 15 Nov 1998 19:40:55 +0200
Reply-To: Philip Stoev <philip@EINET.BG>
From: Philip Stoev <philip@EINET.BG>
To: BUGTRAQ@NETSPACE.ORG

Hello,

maybe this is nothing new, but anyway:

Certain versions of SerialPOP produce a nice Segmentation Fault if the user
specifies a POP/SMTP host name that is longer than 128 characters. This is
caused by a buffer overflow in a function which generates log output. I
know some variants have this fixed but others seem to be vulnerable.

 - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| | If you will be taking the TOEFL or the SAT, check | |
| |        out http://studywiz.hypermart.net/         | |
 - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 This message was sent by Philip Stoev (philip@einet.bg)
 tel: (359 2) 715949, 9549488 fax: (359 2) 544669

home help back first fref pref prev next nref lref last post