Re: procmail heap overflow

From: Skot (skotat_private)
Date: Thu Jun 20 2002 - 08:23:51 PDT

  • Next message: Stefan Esser: "Re: Apache Exploit"

    
     ('binary' encoding is not supported, stored as-is)
    In-Reply-To: <m3ptynsn51.fsfat_private>
    
    
    >flatline <flatlineat_private> napisał(a):
    >
    >> i found a heap overflow in procmail (up until latest) some time ago.
    >
    >Actually, the latest version of procmail is 3.22 (2001/09/10), which
    >is not vulnerable:
    
    That seems to differ between BSD and Linux distros too.  My Mandrake 7.2 running Procmail v3.14 
    1999/11/22, doesn't segfault, yet the newer MDK8.2 running procmail v3.22 2001/09/10, does.
    
    Go figure.
    
    Skot.
    



    This archive was generated by hypermail 2b30 : Thu Jun 20 2002 - 09:26:50 PDT