Bugtraq mailing list archives

SerialPOP DoS

From: philip () EINET BG (Philip Stoev)
Date: Sun, 15 Nov 1998 19:40:55 +0200


Hello,

maybe this is nothing new, but anyway:

Certain versions of SerialPOP produce a nice Segmentation Fault if the user
specifies a POP/SMTP host name that is longer than 128 characters. This is
caused by a buffer overflow in a function which generates log output. I
know some variants have this fixed but others seem to be vulnerable.

 - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| | If you will be taking the TOEFL or the SAT, check | |
| |        out http://studywiz.hypermart.net/         | |
 - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 This message was sent by Philip Stoev (philip () einet bg)
 tel: (359 2) 715949, 9549488 fax: (359 2) 544669

Current thread:

crashing wingates G23 (Nov 14)
- Re: crashing wingates Eric Wanner (Nov 14)
- Administrivia Aleph One (Nov 14)
  - Re: Administrivia Chris Tobkin (Nov 15)
  - SerialPOP DoS Philip Stoev (Nov 15)
- <Possible follow-ups>
- Re: crashing wingates Noam Rathaus (Nov 15)
- Re: crashing wingates Kotu Srinivasa Reddy (Nov 16)