David Colliver napisał(a):
> Hi,
> I am using a fairly old version of ICS from 2002, with Delphi 5. I have not 
> done much programming in Delphi since then, but I have become aware of a 
> buffer overflow in the SMTP part of my application. At this moment, I don't 
> know if it is ICS or my app that is causing it.

We don't know either. BTW: we're in 2007, so your version is "a bit" old 

> In the USER or RCPT TO: (I think USER is POP3, not SMTP...) if more than 4000 
> bytes are sent, then it apparently causes 100% cpu, DoS and will allow an 
> attacker to run commands.

Seems like you're "overscared" by all those today's vulnerabilities, 
buffer overflow does not necessarily allow attacker to perform code 
injection - and by the way, why do you suppose that it's the "buffer 
overflow", not other kind of vulnerability, like infinite loop? Why do 
you suppose it's a vulnerablity? It's a bug, no question, but saying 
about vulnerability is like saying that you'll die of headache (just 
because it's pain).
About your case: who would like to have/use 4kb-sized email address?! If 
you can't limit that in your software, check whether component does. If 
you mean a group of recipients that take more than 4000 bytes, it may be 
a bug in ICS, so you should upgrade your components.
Anyway, it's a good idea to use debugger. When you're at 100% cpu, just 
use debugger's "pause" feature and then "step over" or "trace into", to 
have a look where and why you're looping.

> As I haven't done anything with ICS or Delphi for a while, I am not sure 
> where to look.
> Also, if I download the latest ICS, will there be anything that is likely to 
> cause me programming difficulties? Will any buffer overflow vulnerabilities 
> been fixed?

Make a copy of your ICS, install new, and check it on your own. Is that 
so difficult? Don't expect us to do your homework. We have ours.

.oooO  /~) (~\  Oooo.  "Programowanie to   |        Piotr Dałek
(   ) / (   ) \ (   ) *najprzyjemniejsza*  |   [EMAIL PROTECTED]
  \ ( (   ) (   ) ) /   rzecz, jaką można   |   http://www.hcm.prv.pl/
   \_)'oooO Oooo'(_/     robić w ubraniu"   |

Jestes kierowca? To poczytaj! >>> http://link.interia.pl/f199e

To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to