|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Dustin Childers (dustin
acm.org)Date: Thu Mar 14 2002 - 19:51:10 CST
('binary' encoding is not supported, stored as-is)
Description:
When sending a string that has 2048+ characters in
it, the
in.qpopper or popper process will begin to use
massive
amounts of CPU and will not stop until it is manually
killed.
Versions Affected:
I tested this on 4.0.1 and 4.0.3.
4.0.2 is probably vulnerable also.
Older versions may also be vulnerable. I haven't
tested those.
This works locally and remotely.
Patch Information:
I attempted to patch this but I was not successful. I
found
that the most reasonable place for this would be the
msg_buf
in popper/main.c or msg_buf in
password/poppassd.c.
Dustin E. Childers
Security Administrator
http://www.digitux.net/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]