Package: courier-mta Version: 0.36.1-2 Severity: critical A hand-crafted .courier file can be used to insert \r characters in the message queue file. A bug in the function that reads message queue files subsequently results in memory corruption.
This exploit is fixed in 0.37.2 upstream, I'll upload an upgraded
version ASAP.
Ciao
Racke
--
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: [EMAIL PROTECTED]; Phone: 0041-1-3884400)
