[Yet another buffer overrun? - I hope this isn't getting monotonous] I noticed this a while back but haven't seen any else mention it. There appears to be what looks like a buffer overrun problem with AppleShare IP Mail Server. If you connect to the SMTP port and issue a long string (say 500 bytes or so) the server crashes - and because its a Mac, it usually crashed the whole machine to the point where it needs a reboot. So far I've only tested against servers which emit the banner 'AppleShare IP Mail Server 5.0.3' For example: $ telnet some.where Trying 1.2.3.4... Connected to some.where. Escape character is '^]'. 220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX [ and it just hangs ] $ ping some.where [ ...nothing... ] Physically checking the machine shows it has `locked up' and it a reboot. I assume if you can cause a crash without the lockup then you might be able to execute code and so something useful (on a Mac?). -cw
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:48:19 PDT