Bugtraq mailing list archives
Re: innd 2.2.2 remote buffer overflow
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Mon, 5 Jun 2000 22:46:25 +0200
On 6 Jun 2000, Russ Allbery wrote:
Note that this code is only ever executed if the option "verifycancels" is enabled in inn.conf. This is *not* the default, and has been recommended against for some time now since it really doesn't do any real good.
It is enabled by default in RH, and usually is enabled on live innd sites.
Note that due to the syntax checking INN performs on message IDs, this will be mildly difficult to exploit, although it's probably at least theoretically possible.
It is exploitable :) _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 06)
- <Possible follow-ups>
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
- Re: innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 05)
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
- Re: innd 2.2.2 remote buffer overflow Forrest J. Cavalier III (Jun 06)