Re: Pine _again_ :)

From: Ambrose Feinstein (ambroseat_private)
Date: Wed Feb 10 1999 - 03:30:29 PST

Next message: Darren Reed: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"

Previous message: miff: "sl0scan (ambiguous source portscanner)"
Maybe in reply to: Chris Evans: "Pine _again_ :)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> PINE can be made to crash if /var/spool/mail/<who> contains a line along
> the lines of
>
> "From AAAAAAAAAAAA" where the A's number ~10000. If you are lucky your
> MTA will truncate this line safely, preventing remote exploit.

using sendmail (actually smail on this host) to send myself a message
with a 10k arg for -f, i see that mailx (solaris 2.6 sparc) handles
such huge headers poorly.  it mangled the previous message in my
mailbox, and trying to reply to the offending message raised sigsegv.

Next message: Darren Reed: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Previous message: miff: "sl0scan (ambiguous source portscanner)"
Maybe in reply to: Chris Evans: "Pine _again_ :)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:42 PDT