Vulnerability Development mailing list archives
Re: procmail heap overflow
From: Skot <skot () canada com>
Date: 20 Jun 2002 15:23:51 -0000
In-Reply-To: <m3ptynsn51.fsf () clitoris czuby net>
flatline <flatline () blackhat nl> napisa³(a):i found a heap overflow in procmail (up until latest) some time ago.Actually, the latest version of procmail is 3.22 (2001/09/10), which is not vulnerable:
That seems to differ between BSD and Linux distros too. My Mandrake 7.2 running Procmail v3.14 1999/11/22, doesn't segfault, yet the newer MDK8.2 running procmail v3.22 2001/09/10, does. Go figure. Skot.
Current thread:
- Re: procmail heap overflow, (continued)
- Re: procmail heap overflow Ryan W. Maple (Jun 19)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 19)
- RE: procmail heap overflow Christopher Meiklejohn (Jun 19)
- Re: procmail heap overflow kam (Jun 19)
- Re: procmail heap overflow SpaceWalker (Jun 19)
- Re: procmail heap overflow KF (Jun 19)
- RE: procmail heap overflow Peter Mueller (Jun 19)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 21)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- RE: procmail heap overflow Wodahs Latigid (Jun 20)
- Re: procmail heap overflow Skot (Jun 20)
- RE: procmail heap overflow Peter Mueller (Jun 20)