Bug in QPopper (All Versions?)

From: Dustin Childers (dustin@acm.org)
Date: 03/15/02

• Previous message: Casper Dik: "Re: ZLib double free bug: Windows NT potentially unaffected"
• Next in thread: Dustin Childers: "Re: Bug in QPopper (All Versions?)"
• Reply: Dustin Childers: "Re: Bug in QPopper (All Versions?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 15 Mar 2002 01:51:10 -0000
From: Dustin Childers <dustin@acm.org>
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is)

Description:
  When sending a string that has 2048+ characters in
it, the
  in.qpopper or popper process will begin to use
massive
  amounts of CPU and will not stop until it is manually
killed.
 
Versions Affected:
  I tested this on 4.0.1 and 4.0.3.
  4.0.2 is probably vulnerable also.
  Older versions may also be vulnerable. I haven't
tested those.
 
  This works locally and remotely.
 
Patch Information:
  I attempted to patch this but I was not successful. I
found
  that the most reasonable place for this would be the
msg_buf
  in popper/main.c or msg_buf in
password/poppassd.c.

Dustin E. Childers
Security Administrator
http://www.digitux.net/

---

• Previous message: Casper Dik: "Re: ZLib double free bug: Windows NT potentially unaffected"
• Next in thread: Dustin Childers: "Re: Bug in QPopper (All Versions?)"
• Reply: Dustin Childers: "Re: Bug in QPopper (All Versions?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2002-03