Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999-q3

Bugtraq Archives: Re: Outlook denial of service

Re: Outlook denial of service

Aleph One (aleph1UNDERGROUND.ORG)
Wed, 30 Jun 1999 12:27:49 -0700

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Thiago/c0nd0r: "SDI exploit for Xaccel"
Previous message: Nicholas W. Blasgen: "Re: Outlook denial of service"

On Mon, Jun 28, 1999 at 02:52:34PM -0700, Nicholas W. Blasgen wrote:
> I tested it with Outlook 2000 with Windows 98 and had no problem.
>
> Nicholas Blasgen
> Refract Media
>
> "The hard part was figuring out how to destroy the
> physical universe. But I think we've solved that."
> - Marcus Larry, 1999

As Neil Christie <neilfissure.net> pointed out in private email
is this the fault of Outlook and not Qpopper. Here is what he
had to say:

The POP3 RFC suggests that duplicate UIDLs are acceptable for example
in the situation that there are two identical copies of 1 message in
a mailbox.

As such the fault is with Outlook etc in failing to handle this as
opposed to in qpopper for generating / allowing them.

Whether the POP server should accept incoming UIDL headers in the
message or always generate its own is another issue.

From ftp://ftp.isi.edu/in-notes/rfc1939.txt

--
Aleph One / aleph1underground.org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

Next message: Thiago/c0nd0r: "SDI exploit for Xaccel"
Previous message: Nicholas W. Blasgen: "Re: Outlook denial of service"

This archive was generated by hypermail 2.0b3 on Tue Jun 29 1999 - 21:08:32 CDT