Re: QPopper 4.0.x buffer overflow vulnerability

[Florian Heinz <heinz () cronon-ag de>]

On Tue, Mar 11, 2003 at 07:05:51PM -0800, Randall Gellens wrote:
> The first I heard of the problem was this morning.  Was any notice 
> sent to qpopper-bugs () qualcomm com or qpopper-patches () qualcomm com in 
> advance of the posting here?  If so, please let me know the details 
> so I can see what happened to the message.  If not, I'd like to know 
> why.

The cause for this bug is already identified and the fix is really
simple, I didn't see a reason to delay the post. It wasn't my intention
to cause you trouble, if I did so, I'm sorry. I had bad experience
informing vendors in the past, so I skipped that in this case.
For example, some time ago I reported the (non-exploitable) bug in
pop_msg.c, line 254f.:
free(local_element.mdef_macro); /* From strdup */
return pop_msg(p, POP_SUCCESS, HERE, "Macro \"%s\" accepted",
               local_element.mdef_macro);
and I didn't get a reply. Perhaps you want to fix this flaw too, in fc2.

regards,

Florian Heinz