Bugtraq mailing list archives
Re: netscape mail overflow(another one)
From: pedward () WEBCOM COM (pedward () WEBCOM COM)
Date: Wed, 29 Jul 1998 10:34:04 -0700
Netscape mail for Windows has an overflow in the body. This is evident when a spammer sends one of our customers a message with the text all on one line. You can reproduce by putting 32768 characters in a line, mail it to yourself, and try to download. Netscape chokes when reading the POP box and refuses to fetch the message. I just use netscape mail for Unix and the problem doesn't exist (gee, I wonder why :>) --Perry
It makes perfect sense that any header field could overflow a limited buffer. I'd assumed that developers would have the sense to check ALL of the buffers used to store headers, but maybe this should be pointed out to them, just to make sure. We may see exploits based on bugs in UUDECODE and BinHex decoders in mailers as well. I'm sure they're there given the overall low quality of the code that these companies are generating (sigh). --Brett Glass At 08:21 PM 7/28/98 +0200, Paul Boehm wrote:
-- Perry Harrington System Software Engineer zelur xuniL () http://www.webcom.com perry.harrington () webcom com Think Blue. /\
Current thread:
- Re: Fwd: Any user can panic OpenBSD machine Jason Thorpe (Jul 27)
- <Possible follow-ups>
- Re: Fwd: Any user can panic OpenBSD machine Michael Graff (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Warner Losh (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine J.R. Valverde (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Felix Schroeter (Jul 28)
- netscape mail overflow(another one) Paul Boehm (Jul 28)
- Re: netscape mail overflow(another one) Brett Glass (Jul 28)
- Re: netscape mail overflow(another one) pedward () WEBCOM COM (Jul 29)
- HP-UX Predictive & Netscape SSL Vulnerabilities Aleph One (Jul 29)
- Long attachment filename exploits: a procmail filter John D. Hardin (Jul 29)
- Crash a redhat 5.1 linux box Zachary Amsden (Jul 29)
- FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box) Joe Zbiciak (Jul 29)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Roger Espel Llima (Jul 30)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Alan Cox (Jul 30)
- Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Pavel Kankovsky (Jul 30)
- Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 27)
- Re: netscape mail overflow(another one) Paul Boehm (Jul 29)
- who Paul Boehm (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 28)