Vulnerability Development mailing list archives
RE: procmail heap overflow
From: Peter Mueller <pmueller () sidestep com>
Date: Wed, 19 Jun 2002 16:00:12 -0700
Looks like 4.6-PRERELEASE is ok.
uname -a
FreeBSD xxx.yyy.com 4.6-PRERELEASE FreeBSD 4.6-PRERELEASE #2: Sun May 5 22:57:25 PDT 2002 root@localhost:/usr/obj/usr/src/sys/xxx i386
/usr/local/bin/procmail `perl -e '{print "A"x10240}'`=A
Word too long. Peter
-----Original Message----- From: kam [mailto:kam () aversion net] Sent: Wednesday, June 19, 2002 11:01 AM To: flatline Cc: bugtraq () securityfocus com; vuln-dev () securityfocus com Subject: Re: procmail heap overflow On Wed, Jun 19, 2002 at 02:38:08AM +0200, flatline said sometin like...hi, i found a heap overflow in procmail (up until latest) some time agoI have been able to duplicate this on FreeBSD 4.4-Release uname -a 4.4-RELEASE FreeBSD 4.4-RELEASE ls -la /usr/local/bin/procmail -rwsr-sr-x 1 root mail 66644 Jun 11 07:00 /usr/local/bin/procmail* .
Current thread:
- procmail heap overflow flatline (Jun 19)
- Re: procmail heap overflow Ryan W. Maple (Jun 19)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 19)
- RE: procmail heap overflow Christopher Meiklejohn (Jun 19)
- Re: procmail heap overflow kam (Jun 19)
- Re: procmail heap overflow SpaceWalker (Jun 19)
- Re: procmail heap overflow KF (Jun 19)
- <Possible follow-ups>
- RE: procmail heap overflow Peter Mueller (Jun 19)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 21)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- RE: procmail heap overflow Wodahs Latigid (Jun 20)
- Re: procmail heap overflow Skot (Jun 20)
- RE: procmail heap overflow Peter Mueller (Jun 20)