> Also, if I download the latest ICS, will there be anything that is likely > to cause me programming difficulties?
The latest ICS-V5 should probably work immediately with your old Delphi 5. If not, only minor issue could pops up. Feel free to report any problem here. Don't forget to include the exact error message you may get. > Will any buffer overflow vulnerabilities been fixed? There is no known vulnerability in ICS code. -- Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html -- [EMAIL PROTECTED] http://www.overbyte.be ----- Original Message ----- From: "David Colliver" <[EMAIL PROTECTED]> To: <firstname.lastname@example.org> Sent: Friday, March 16, 2007 7:28 PM Subject: [twsocket] Buffer overflow in SMTP > Hi, > > I am using a fairly old version of ICS from 2002, with Delphi 5. I have > not done much programming in Delphi since then, but I have become aware of > a buffer overflow in the SMTP part of my application. At this moment, I > don't know if it is ICS or my app that is causing it. > > In the USER or RCPT TO: (I think USER is POP3, not SMTP...) if more than > 4000 bytes are sent, then it apparently causes 100% cpu, DoS and will > allow an attacker to run commands. > > As I haven't done anything with ICS or Delphi for a while, I am not sure > where to look. > > Also, if I download the latest ICS, will there be anything that is likely > to cause me programming difficulties? Will any buffer overflow > vulnerabilities been fixed? > > Thanks. > > Best regards, > Dave Colliver. > http://www.AshfieldFOCUS.com > ~~ > http://www.FOCUSPortals.com - Local franchises available > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be