Bugtraq mailing list archives
Re: QPOPPER problem....
From: marc () SNAFU ORG (Marco S Hyman)
Date: Sat, 27 Jun 1998 15:40:11 -0700
"Bruno Lopes F. Cabral" writes:
#ifdef HAVE_VPRINTF - vsprintf(mp,format,ap); + vsnprintf(mp,sizeof(message) - strlen(mp) -1,format,ap);
I don't think so. Check out the code... mp is pointing at the terminating null from the previous sprintf. In effect you've coded sizeof( message ) - -1. Not what you wanted at all. // marc
Current thread:
- Re: patch for qpopper remote exploit bug, (continued)
- Re: patch for qpopper remote exploit bug Theo de Raadt (Jun 27)
- Re: patch for qpopper remote exploit bug Jon Lusky (Jun 27)
- Re: patch for qpopper remote exploit bug Benjamin J Stassart (Jun 27)
- Users can view script source from Win WebServers Aleph One (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Tom Brown (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Daniel Ryde (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Marco S Hyman (Jun 27)
- Re: QPOPPER problem.... Jason Ackley (Jun 27)
- Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
- patch: qpopper (plugs another hole too) Miquel van Smoorenburg (Jun 27)
- Re: QPOPPER problem.... Marco S Hyman (Jun 27)
- Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
- More patch ideas for qpopper Aaron D. Gifford (Jun 27)
- Re: QPOPPER problem.... Jeff Haas (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Daniel Ryde (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Yiorgos Adamopoulos (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Juan Diego Bolanhos Ramirez (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Bryan (Jun 27)
- NetBSD Security Advisory 1998-004: at(1) vulnerabilities. security-alert () NETBSD ORG (Jun 27)
- Re: !!! FLASH TRAFFIC !!! QPOPPER REMOTE ROOT EXPLOIT Miquel van Smoorenburg (Jun 27)