Vulnerability Development mailing list archives

Buffer overflow on Lotus Notes' POP3 service

From: Michel Arboi <arboi () YAHOO COM>
Date: Tue, 13 Feb 2001 11:44:52 -0800

I ran Nessus 1.0.7a against a Linux box running Lotus Notes 5.0.6a
The POP3 service crashed (SIGSEGV) and the server said it freezed all
its threads (nice DoS).

Apparently, Nessus sent:
USER test
PASS xxxxxxx[snip]

I did not find this bug in the archives. I did not check if it could be
exploited or if other systems/versions are vulnerable.


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year!  http://personal.mail.yahoo.com/

Current thread:

Buffer overflow on Lotus Notes' POP3 service Michel Arboi (Feb 13)
- Re: Buffer overflow on Lotus Notes' POP3 service Michel Arboi (Feb 14)
- Re: Buffer overflow on Lotus Notes' POP3 service LL (Feb 14)