Vulnerability Development mailing list archives
Re: procmail heap overflow
From: "Ryan W. Maple" <ryan () guardiandigital com>
Date: Wed, 19 Jun 2002 13:08:01 -0400 (EDT)
i found a heap overflow in procmail (up until latest) some time ago.
flatline@intra:/usr/bin$ ls -la procmail
-rwsr-xr-x 1 root mail 64344 Jun 3 2001 procmail*
flatline@intra:/usr/bin$ ./procmail `perl -e '{print "A"x10240}'`=A
procmail: Exceeded LINEBUF
Segmentation fault
flatline@intra:/usr/bin$
Confirmed with v3.21 but it appears to have been fixed in v3.22. From the Procmail changelog (http://www.procmail.org/procmail.HISTORY.html): 2001/09/10: v3.22 Changes to procmail: ... * Catch overly long command line variable assignments What version were you using above? -r
Current thread:
- procmail heap overflow flatline (Jun 19)
- Re: procmail heap overflow Ryan W. Maple (Jun 19)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 19)
- RE: procmail heap overflow Christopher Meiklejohn (Jun 19)
- Re: procmail heap overflow kam (Jun 19)
- Re: procmail heap overflow SpaceWalker (Jun 19)
- Re: procmail heap overflow KF (Jun 19)
- <Possible follow-ups>
- RE: procmail heap overflow Peter Mueller (Jun 19)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 21)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- RE: procmail heap overflow Wodahs Latigid (Jun 20)
- Re: procmail heap overflow Skot (Jun 20)
(Thread continues...)