[exim-dev] [Bug 2571] Out-of-bound buffer read leads to Aut…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: admin
Dátum:  
Címzett: exim-dev
Tárgy: [exim-dev] [Bug 2571] Out-of-bound buffer read leads to Authentication Bypass in Exim SPA authentication method
https://bugs.exim.org/show_bug.cgi?id=2571

--- Comment #2 from Orange Tsai <orange@???> ---
Hi! The patch just checks "pointer + offset" is smaller than the end of
`responseptr`. However, the check condition is prone to integer overflow. An
attacker can make a crash on 32-bit system.

--
You are receiving this mail because:
You are on the CC list for the bug.