Hmm, I fail to see where the overflow is... Maybe you can enlighten
me?
--
Andre
Henning Brauer wrote:
>
> We seem to have a Buffe Overflow problem in qmail-ldap's smtpd. See Johans
> message below, the "patched qmail-smtpd" he refers to is from qmail-ldap.
>
> ----- Forwarded message from Johan Almqvist <[EMAIL PROTECTED]> -----
>
> From: Johan Almqvist <[EMAIL PROTECTED]>
> To: qmail list <[EMAIL PROTECTED]>
> Subject: Re: I think I'm being relayed through, but I don't know how.
> Date: Thu, 7 Jun 2001 12:59:39 +0200
>
> * Chris Garrigues <[EMAIL PROTECTED]> [010606 20:44]:
> > I've got this in my queue:
>
> Your patched qmail-smtpd seems to have a buffer overflow problem. Vis:
>
> --- snip ---
> $ telnet 216.30.106.234 25
> Trying 216.30.106.234...
> Connected to 216.30.106.234.
> Escape character is '^]'.
> 220 austin-jump.vircio.com ESMTP
> HELO fdskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn< fid
>fhiorhfoidhgfoisdoigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdh göldfhgoirhg ojd
>flghohg odf hglodfg ofdnv df oö vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshgtfoihdsalfjäpgjöfadh
> odifh
>gfdijgodfgöodhgföldgöofhgafdjödflkngvlödfhgpifdjgkljdcäjgädszjgofdijglöfjbgoaskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhgöldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df oö
>vhnfdlngvoifngvorfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhgöldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df oö vhnfdlngvoifngvo
>
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhfoidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdh
>göldfhgoirhg ojd flghohg odf hglodfg ofdnv df oö vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhgöldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df oö vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdoghfoi hgoifh glfdh
>göldfhgoirhg ojd flgho hg odf hglodfg ofdnv df
> oövhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhf oidhgfoisd oigfdsfhgpofdhgofdh gouf oghfdogh foi hgoifh glfdh
>göldfhgoirhg ojd flgho hg odf hglodfg ofdnv dfoö vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjgöldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhglöfjgfapoijpqeiwjfkldsnglcöngfoihgöodnfvldsh
> 250 austin-jump.vircio.com
> MAIL FROM:<[EMAIL PROTECTED]>
> 250 ok
> RCPT TO:<[EMAIL PROTECTED]>
> 250 ok
> DATA
> 354 go ahead
> Subject: Hejhej
>
> Dadaa
> ,
> .
> 250 ok 991911255 qp 1264
> QUIT
> 221 austin-jump.vircio.com
> Connection closed by foreign host.
> --- snap ---
>
> --
> Johan Almqvist
> http://www.almqvist.net/johan/
>
> ----- End forwarded message -----
>
> --
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
