Re: potential security hole(s) in 1.71

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: T. William Wells
CC: exim-users
Subject: Re: potential security hole(s) in 1.71
On Thu, 18 Sep 1997, T. William Wells wrote:

> Alas, not true. You overwrite smtp_data, whose position is
> controllable by the outside user. To get the overrun, make the
> HELO be followed by ~500 spaces....


I seem to be asleep today. (Actually, my mind has been elsewhere, on
these regular expressions).

I will fix it. Note, however (and I think I am right this time :-) that
you could not overwrite data on the stack, only in the static segment.

-- 
Philip Hazel                   University Computing Service,
ph10@???             New Museums Site, Cambridge CB2 3QG,
P.Hazel@???          England.  Phone: +44 1223 334714



--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/