oss-sec mailing list archives
Evolution denial of service bug ...
From: Marcus Meissner <meissner () suse de>
Date: Mon, 18 Jan 2010 11:51:14 +0100
Hi, We received a bugreport for Evolution from "Francis Provencher for Protek Research Lab's" (protekresearchlab () yahoo ca). The issue is that if Evolution accesses a malicious POP3 server the latter can by sending an overly long ERR message cause a X11 error (BadAlloc) likely due to a overly wide Message Box and so cause evolution to abort. The commit in evolution that fixes it: http://git.gnome.org/browse/evolution-data-server/commit/?id=22854733409fddf3e313cc637ce3a0309159b41f it also checks for utf-8 validity. I am still undecided whether this is a real security issue or not. On one hand getting rid of this malicious server from evolution might be difficult if it is auto-opened. On the other hand, malicious servers have also other denial of service possibilities (like sending 1000000+ mailheaders). Ciao, Marcus
Current thread:
- Evolution denial of service bug ... Marcus Meissner (Jan 18)
- Re: Evolution denial of service bug ... Josh Bressers (Jan 19)