Re: potential security hole(s) in 1.71

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: T. William Wells
Data:  
Para: Philip Hazel
CC: exim-users
Assunto: Re: potential security hole(s) in 1.71
> You are right. I should and will fix that. However, fortuitously, it is
> safe because there are over 500 bytes available, and names returned by
> the DNS are limited to 255. RFC 1034 says:


Alas, not true. You overwrite smtp_data, whose position is
controllable by the outside user. To get the overrun, make the
HELO be followed by ~500 spaces....

--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/