> PINE can be made to crash if /var/spool/mail/<who> contains a line along > the lines of > > "From AAAAAAAAAAAA" where the A's number ~10000. If you are lucky your > MTA will truncate this line safely, preventing remote exploit. using sendmail (actually smail on this host) to send myself a message with a 10k arg for -f, i see that mailx (solaris 2.6 sparc) handles such huge headers poorly. it mangled the previous message in my mailbox, and trying to reply to the offending message raised sigsegv.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:42 PDT