Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: netscape mail overflow(another one)

From: pedward () WEBCOM COM (pedward () WEBCOM COM)
Date: Wed, 29 Jul 1998 10:34:04 -0700

Netscape mail for Windows has an overflow in the body.  This is evident when a spammer
sends one of our customers a message with the text all on one line.  You can reproduce
by putting 32768 characters in a line, mail it to yourself, and try to download.
Netscape chokes when reading the POP box and refuses to fetch the message.  I
just use netscape mail for Unix and the problem doesn't exist (gee, I wonder why :>)

--Perry



It makes perfect sense that any header field could overflow a limited buffer.
I'd assumed that developers would have the sense to check ALL of the buffers
used to store headers, but maybe this should be pointed out to them, just to
make sure.

We may see exploits based on bugs in UUDECODE and BinHex decoders in mailers
as well. I'm sure they're there given the overall low quality of the code
that these companies are generating (sigh).

--Brett Glass

At 08:21 PM 7/28/98 +0200, Paul Boehm wrote:



--
Perry Harrington        System Software Engineer    zelur xuniL  ()
http://www.webcom.com  perry.harrington () webcom com  Think Blue.  /\
Previous By Date Next
Previous By Thread Next

Current thread: