Autor: Dmitry Glushenok Datum: To: bugs-rus, bugs CC: exim-users Betreff: [Exim] buffer overrun/overflow in The Bat!(MUA)??
--
Hello,
i have some troubles with The Bat! (Win32 MUA) and exim (using libssl0.9.6g on server
side) at STARTTLS process. The Bat! uses openssl0.9.4 and there is seems
to be a buffer overrun. after TLS session established, server writes
"250 server.domain Hello client.domain [123.123.123.123]", then he is waiting for command, and
The Bat! says "QUIT". in The Bat!'s log files something like that:
19.08.2002, 19:46:05: SEND - sending mail messages - 1 messages in queue
19.08.2002, 19:46:05: SEND - Initiating TLS handshake
19.08.2002, 19:46:05: SEND - TLS handshake complete
19.08.2002, 19:46:05: SEND - connected to SMTP server
!19.08.2002, 19:46:05: SEND - Server reports error. The response is:
!19.08.2002, 19:46:05: SEND - Server reports error. The response is:
19.08.2002, 19:46:05: SEND - connection finished - 0 messages sent
19.08.2002, 19:46:05: SEND - Some messages were not sent - check the log for details
at server side no errors occured. but if i change debuglevel on server
side, The Bat! may says something like that:
19.08.2002, 10:41:40: SEND - sending mail messages - 1 messages in queue
19.08.2002, 10:41:41: SEND - Initiating TLS handshake
19.08.2002, 10:41:41: SEND - TLS handshake complete
19.08.2002, 10:41:41: SEND - connected to SMTP server
!19.08.2002, 10:41:41: SEND - Server reports error. The response is: server.domain ESMTP Exim 3.35 #P.h.MB..h. .h.T..NQE.........x..l..2=.H..C..
!19.08.2002, 10:41:41: SEND - Server reports error. The response is: server.domain ESMTP Exim 3.35 #P.h.MB..h. .h.T..NQE.........x..l..2=.H..C..
19.08.2002, 10:41:41: SEND - connection finished - 0 messages sent
19.08.2002, 10:41:41: SEND - Some messages were not sent - check the log for details
so, how i can test The Bat! for buffer
overflow/overrun in that situation?
libssl0.9.6g-2 (Debian GNU/Linux)
exim-tls 3.35-3 (Debian GNU/Linux)
The Bat! 1.60, 1.61 etc. (Windows 2000)
--
regards,
Dmitry
P.S. all versions of The Bat! i've tried is doesn't work correctly
--
[ Content of type application/pgp-signature deleted ]
--