Bugtraq mailing list archives
Re: patch for qpopper remote exploit bug
From: fox () RSN HP COM (David DeSimone)
Date: Tue, 30 Jun 1998 17:06:45 -0500
Kev <klmitch () MIT EDU> wrote:
A friend of mine has a rather clever implementation using pipe; http://web.mit.edu/svalente/src/snprintf/snprintf.c
A typical pipe buffer is 1K to 4K in size. If this code attempts to fprintf() more data into the pipe than will fit, the code will block because there is no one reading on the other end of the pipe. -- David DeSimone | "The doctrine of human equality reposes on this: fox () rsn hp com | that there is no man really clever who has not Hewlett-Packard | found that he is stupid." -- Gilbert K. Chesterson Convex Division | PGP: 5B 47 34 9F 3B 9A B0 0D AB A6 15 F1 BB BE 8C 44
Current thread:
- Re: patch for qpopper remote exploit bug Steven Winikoff (Jun 28)
- <Possible follow-ups>
- Re: patch for qpopper remote exploit bug Ben Laurie (Jun 28)
- Re: patch for qpopper remote exploit bug Johan Danielsson (Jun 28)
- Re: patch for qpopper remote exploit bug Steven Winikoff (Jun 29)
- Re: patch for qpopper remote exploit bug Kev (Jun 29)
- Re: patch for qpopper remote exploit bug David DeSimone (Jun 30)
- SECURITY: too many new packages twiztah (Jun 30)
- Environment variables (SECURITY: too many new packages) Alan Cox (Jun 29)
- Qualcomm's qpopper 2.5 Aleph One (Jun 30)