
From: Marius Huse Jacobsen (mahujaC2I.NET)
Date: Wed Apr 04 2001 - 11:55:00 CDT


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    > It has some similarities, but it doesn't mention the DoS on OE it
    > triggers.

    > Exception: access violation (0x00000005), Address 0x00780078"

    AV because it is beyond the buffer size, I guess

    > "telnet AAAAAAAA..." (256 A's or more). If you use numbers instead
    > of letters the bug will not get triggered.

    Then perhaps it is related to hostname resolution?

    > Note that this bug will also NOT get triggered if OE has been
    > opened/started since the last reboot, or when it's open/active
    > at the time of the overflow. I have no idea why this is, so give me
    > your view on this.

    Could be OE made it extend its buffer so it could contain the last
    character(s).

    > If you will try to start Outlook Express after this you will notice
    > that it won't start.
    > "msimn.exe - DLL Initialization Failed

    Until rebooted, the dll might not be properly unloaded? And therefore
    the crash condition may still exist...

    > OE will NOT start until you rebooted your system. Logging in as
    > another user without rebooting will NOT help. Note that if you
    > triggered the bug you will have to reboot your system before you
    > will be able to trigger/reproduce it again.

    Are we so sure it is telnet.exe and not some dll file that has
    problems?
    btw, have you tried to fill OE hostnames to their maxes? Will
    something similar happen? (I won't try myself, I have enough OE
    problems)

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.0.1

    iQA/AwUBOstR330c40coFd3gEQKOsACg7kmHj6s4/fns1IQ05dGYzFk3ez0AoMXB
    MMrsRiYBitH23V9DZ0+NVFR4
    =LBC/
    -----END PGP SIGNATURE-----
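
The reply above guesses that the access violation comes from the hostname argument running past a fixed-size buffer once it reaches 256 characters. The following C program is an added illustration of that pattern and is not code from this thread, from telnet.exe, or from any Microsoft source: the 256-byte buffer size, the `struct frame` layout (hostname buffer followed by a port and a flag), and every function name are assumptions made for the demonstration. It places an unchecked copy beside a bounds-checked one so the clobbering of the neighbouring fields is observable, and the checked version fails closed when the name plus its terminator would not fit.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Assumed buffer size: the thread reports the crash at 256 characters or more. */
#define HOST_MAX 256

/* Assumed frame layout: the hostname buffer followed by other locals, so an
   overrun of host[] lands in port and connected. The real telnet.exe layout
   is not known; this struct only makes the overrun observable. */
struct frame {
    char host[HOST_MAX];
    unsigned short port;
    int connected;
};

static void init_frame(struct frame *f)
{
    memset(f, 0, sizeof *f);
    f->port = 23;
    f->connected = 1;
}

/* Vulnerable pattern: copy the argument with no check against HOST_MAX.
   The copy goes through a byte pointer to the whole frame so the overrun can be
   watched in a test without undefined behaviour; the single guard below only
   keeps the simulation inside the struct and has no counterpart in a real
   unchecked copy, which would keep writing past the frame. */
static int copy_host_unchecked(struct frame *f, const char *arg)
{
    unsigned char *bytes = (unsigned char *)f;
    size_t i;
    for (i = 0; arg[i] != '\0'; i++) {
        if (i + 1 >= sizeof *f)
            return -1;                     /* demo-only guard */
        bytes[i] = (unsigned char)arg[i];  /* byte 256 onward overwrites port */
    }
    bytes[i] = '\0';
    return 0;
}

/* Hardened pattern: reject any name that would not fit with its terminator. */
static int copy_host_checked(struct frame *f, const char *arg)
{
    size_t n = strlen(arg);
    if (n >= HOST_MAX) {
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(f->host, arg, n + 1);
    return 0;
}

/* Constructed input: 'len' copies of one character, like the "AAAA..." argument. */
static void make_arg(char *out, size_t cap, size_t len, char c)
{
    if (len > cap - 1)
        len = cap - 1;
    memset(out, c, len);
    out[len] = '\0';
}

/* Value of the port field after an unchecked copy of 'len' A's. */
unsigned short port_after_unchecked(size_t len)
{
    struct frame f;
    char arg[512];
    init_frame(&f);
    make_arg(arg, sizeof arg, len, 'A');
    copy_host_unchecked(&f, arg);
    return f.port;
}

/* Return code of the checked copy for 'len' A's: 0 on success, -1 if rejected. */
int checked_copy_result(size_t len)
{
    struct frame f;
    char arg[512];
    init_frame(&f);
    make_arg(arg, sizeof arg, len, 'A');
    return copy_host_checked(&f, arg);
}

int main(void)
{
    printf("port after 255 A's, unchecked: %u\n", port_after_unchecked(255));
    printf("port after 256 A's, unchecked: %u\n", port_after_unchecked(256));
    printf("port after 260 A's, unchecked: 0x%04x\n", port_after_unchecked(260));
    printf("checked copy of 255 A's: %d\n", checked_copy_result(255));
    printf("checked copy of 256 A's: %d\n", checked_copy_result(256));
    return 0;
}
```

With 255 characters the terminator is the last byte of `host` and `port` survives; at exactly 256 the terminator itself lands on `port`, and at 260 both bytes of `port` become 0x41, which is why a threshold of "256 or more" is consistent with a 256-byte buffer. The checked copy is the only one of the two that treats the 256-character argument as an error instead of silently corrupting the neighbouring fields.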