[9472] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Pine _again_ :)

daemon@ATHENA.MIT.EDU (Ambrose Feinstein)
Thu Feb 11 15:33:52 1999

Date: 	Wed, 10 Feb 1999 06:30:29 -0500
Reply-To: Ambrose Feinstein <ambrose@MMAE.ENGR.UCF.EDU>
From: Ambrose Feinstein <ambrose@MMAE.ENGR.UCF.EDU>
X-To:         chris@FERRET.LMH.OX.AC.UK
To: BUGTRAQ@NETSPACE.ORG

> PINE can be made to crash if /var/spool/mail/<who> contains a line along
> the lines of
>
> "From AAAAAAAAAAAA" where the A's number ~10000. If you are lucky your
> MTA will truncate this line safely, preventing remote exploit.

using sendmail (actually smail on this host) to send myself a message
with a 10k arg for -f, i see that mailx (solaris 2.6 sparc) handles
such huge headers poorly.  it mangled the previous message in my
mailbox, and trying to reply to the offending message raised sigsegv.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[9472] in bugtraq

Re: Pine _again_ :)

daemon@ATHENA.MIT.EDU (Ambrose Feinstein)Thu Feb 11 15:33:52 1999

daemon@ATHENA.MIT.EDU (Ambrose Feinstein)
Thu Feb 11 15:33:52 1999