Vulnerability Development mailing list archives
RE: procmail heap overflow
From: "Wodahs Latigid" <wodahs () mail com>
Date: Thu, 20 Jun 2002 08:20:06 +0000
Was that using csh? Try it with bash.. that may have just been the shell complaining. - wodahs ----- Original Message ----- From: Peter Mueller <pmueller () sidestep com> Date: Wed, 19 Jun 2002 16:00:12 -0700 To: "''kam''" <kam () aversion net>, flatline <flatline () blackhat nl> Subject: RE: procmail heap overflow
Looks like 4.6-PRERELEASE is ok.uname -aFreeBSD xxx.yyy.com 4.6-PRERELEASE FreeBSD 4.6-PRERELEASE #2: Sun May 5 22:57:25 PDT 2002 root@localhost:/usr/obj/usr/src/sys/xxx i386/usr/local/bin/procmail `perl -e '{print "A"x10240}'`=AWord too long. Peter-----Original Message----- From: kam [mailto:kam () aversion net] Sent: Wednesday, June 19, 2002 11:01 AM To: flatline Cc: bugtraq () securityfocus com; vuln-dev () securityfocus com Subject: Re: procmail heap overflow On Wed, Jun 19, 2002 at 02:38:08AM +0200, flatline said sometin like...hi, i found a heap overflow in procmail (up until latest) some time agoI have been able to duplicate this on FreeBSD 4.4-Release uname -a 4.4-RELEASE FreeBSD 4.4-RELEASE ls -la /usr/local/bin/procmail -rwsr-sr-x 1 root mail 66644 Jun 11 07:00 /usr/local/bin/procmail* .
-- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Save up to $160 by signing up for NetZero Platinum Internet service. http://www.netzero.net/?refcd=N2P0602NEP8
Current thread:
- procmail heap overflow flatline (Jun 19)
- Re: procmail heap overflow Ryan W. Maple (Jun 19)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 19)
- RE: procmail heap overflow Christopher Meiklejohn (Jun 19)
- Re: procmail heap overflow kam (Jun 19)
- Re: procmail heap overflow SpaceWalker (Jun 19)
- Re: procmail heap overflow KF (Jun 19)
- <Possible follow-ups>
- RE: procmail heap overflow Peter Mueller (Jun 19)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 21)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- RE: procmail heap overflow Wodahs Latigid (Jun 20)
- Re: procmail heap overflow Skot (Jun 20)
- RE: procmail heap overflow Peter Mueller (Jun 20)