Vulnerability Development mailing list archives

Re: Pine / IMAP bug?


From: Gunnar Wolf <gwolf () campus iztacala unam mx>
Date: Wed, 1 Aug 2001 09:52:06 -0500 (CDT)

(replying to a message originally in Bugtraq following the moderator's
instructions)

I am not sure if this is a known issue but here goes:

By sending a small message by directly telnetting to port 25 and doing the
following I was able to crash Pine:

(someone@somehost) ~ > telnet some.mail.server 25
Trying xxx.xxx.xxx.xxx...
Connected to some.mail.server.
Escape character is '^]'.
220 Unauthorized use prohibited.
helo interrogation
250 Unauthorized use prohibited.
mail from: <someone () emailaddress com>
250 ok
rcpt to: <someoneelse () emailaddress com>
250 ok
data
354 go ahead
this is a test to see if it crashes pine...
.
250 ok 996609784 qp 13171
quit
221 Unauthorized use prohibited.
Connection closed by foreign host.


The SMTP server above is Solaris 7 running qmail.
IMAP server is OpenBSD 2.8 running qmail and courier imap.
Client is Pine 4.33 on OpenBSD 2.8.

Pine brings down the message but since it has no header info, it is left
blank in the message index. Then when you try to select any message, it
gives: MAIL FOLDER "INBOX" CLOSED DUE TO ACCESS ERROR. Exiting pine and
restarting was a no go as well.

The only way to get Pine running again was by actually entering the
Maildir and deleting the message manually.

I tried to reproduce it on several different configurations (Pine
4.33/OpenBSD 2.9 i386, Pine 4.33/RedHat 6.2 Alpha, Pine 4.33/Digital Unix
4.0 Alpha, OpenBSD 2.9 Sparc, Pine 4.21/Debian 2.2r3 i386, all of them are
their own SMTP servers, some with Sendmail and some with Exim) and was
unable to reproduce it. In the message index string the 'from' field is
someone () emailaddress com and the date is right - seems to be generated by
the SMTP server. The subject field is blank. The message can be opened,
deleted, replied to, etc.

I would blame this problem on qmail or on Courier IMAP - Most likely on
qmail, as the other SMTP servers added the needed headers.

Greetings.

------------------------------------------------------------
Gunnar Wolf - gwolf () campus iztacala unam mx - (+52)5623-1118
Desarrollo y Admon. de Sistemas en Red - FES Iztacala - UNAM
Departamento de Seguridad en Computo   -   DGSCA    -   UNAM
------------------------------------------------------------
Quidquid latine dictum sit, altum viditur.
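
An added example, not part of the original message: a checker that an administrator could run over a Maildir to find messages stored without a usable header block before a mail client opens the folder. It assumes the standard Maildir layout (new/ and cur/ subdirectories); the function names and both sample messages are constructed for illustration, and the layout of BARE is an assumption about how such a message might be stored.

```python
import re
import tempfile
from pathlib import Path

FIELD_RE = re.compile(rb"^([\x21-\x39\x3b-\x7e]+):")  # RFC 5322 field name
REQUIRED = ("from", "date")  # the fields RFC 5322 makes mandatory

def check_message(raw):
    """Return a list of header problems for one message given as bytes."""
    problems, seen = [], set()
    for n, line in enumerate(raw.splitlines(), 1):
        if not line:                       # blank line ends the header block
            break
        if line[:1] in (b" ", b"\t"):      # folded continuation of a field
            continue
        m = FIELD_RE.match(line)
        if not m:                          # body text where a field should be
            problems.append(f"line {n}: body starts without blank separator")
            break
        seen.add(m.group(1).decode("ascii").lower())
    problems += [f"missing {f} field" for f in REQUIRED if f not in seen]
    return problems

def scan_maildir(root):
    """Map 'subdir/filename' -> problems for each malformed message."""
    report = {}
    for sub in ("new", "cur"):
        for path in sorted(Path(root, sub).iterdir()):
            problems = check_message(path.read_bytes())
            if problems:
                report[f"{sub}/{path.name}"] = problems
    return report

# Constructed samples; BARE assumes the MTA stored one trace field, then body.
BARE = (b"Received: (constructed trace line)\n"
        b"this is a test to see if it crashes pine...\n")
GOOD = (b"From: someone@example.com\nDate: Wed, 1 Aug 2001 09:52:06 -0500\n"
        b"Subject: test\n\nthis is a test\n")

def demo():
    """Build a throwaway Maildir holding both samples and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for sub in ("new", "cur", "tmp"):
            Path(root, sub).mkdir()
        Path(root, "new", "1.bare").write_bytes(BARE)
        Path(root, "new", "2.good").write_bytes(GOOD)
        return scan_maildir(root)

if __name__ == "__main__":
    print(demo())
```

Files it reports can be moved out of the Maildir for inspection rather than deleted by hand.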


