Hmm, I fail to see where the overflow is... Maybe you can enlighten
me?
--
Andre
Henning Brauer wrote:
>
> We seem to have a Buffe Overflow problem in qmail-ldap's smtpd. See Johans
> message below, the "patched qmail-smtpd" he refers to is from qmail-ldap.
>
> ----- Forwarded message from Johan Almqvist <[EMAIL PROTECTED]> -----
>
> From: Johan Almqvist <[EMAIL PROTECTED]>
> To: qmail list <[EMAIL PROTECTED]>
> Subject: Re: I think I'm being relayed through, but I don't know how.
> Date: Thu, 7 Jun 2001 12:59:39 +0200
>
> * Chris Garrigues <[EMAIL PROTECTED]> [010606 20:44]:
> > I've got this in my queue:
>
> Your patched qmail-smtpd seems to have a buffer overflow problem. Vis:
>
> --- snip ---
> $ telnet 216.30.106.234 25
> Trying 216.30.106.234...
> Connected to 216.30.106.234.
> Escape character is '^]'.
> 220 austin-jump.vircio.com ESMTP
> HELO fdskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn< fid
>fhiorhfoidhgfoisdoigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdh g�ldfhgoirhg ojd
>flghohg odf hglodfg ofdnv df o� vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshgtfoihdsalfj�pgj�fadh
> odifh
>gfdijgodfg�odhgf�ldg�ofhgafdj�dflkngvl�dfhgpifdjgkljdc�jg�dszjgofdijgl�fjbgoaskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhg�ldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df o�
>vhnfdlngvoifngvorfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhg�ldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df o� vhnfdlngvoifngvo
>
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhfoidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdh
>g�ldfhgoirhg ojd flghohg odf hglodfg ofdnv df o� vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<fid
> fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdogh foi hgoifh glfdhg�ldfhgoirhg
>ojd flgho hg odf hglodfg ofdnv df o� vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhf oidhgfoisd oigfdsfhgpofdh gofdh gouf oghfdoghfoi hgoifh glfdh
>g�ldfhgoirhg ojd flgho hg odf hglodfg ofdnv df
> o�vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odsnfvldshskfnhosdhfdsnfcdlsncvdsndnfisndfondskivndsn<
> fid fhiorhf oidhgfoisd oigfdsfhgpofdhgofdh gouf oghfdogh foi hgoifh glfdh
>g�ldfhgoirhg ojd flgho hg odf hglodfg ofdnv dfo� vhnfdlngvoifngvo
>rfiuvnfodvofdhoghfdshvlkzcjgflkfhdgohdfoighfdlkjg�ldhglfhdglkfdshglkfdglkjdrigfdohjgldfksglkdfhglfdhgldfhgl�fjgfapoijpqeiwjfkldsnglc�ngfoihg�odnfvldsh
> 250 austin-jump.vircio.com
> MAIL FROM:<[EMAIL PROTECTED]>
> 250 ok
> RCPT TO:<[EMAIL PROTECTED]>
> 250 ok
> DATA
> 354 go ahead
> Subject: Hejhej
>
> Dadaa
> ,
> .
> 250 ok 991911255 qp 1264
> QUIT
> 221 austin-jump.vircio.com
> Connection closed by foreign host.
> --- snap ---
>
> --
> Johan Almqvist
> http://www.almqvist.net/johan/
>
> ----- End forwarded message -----
>
> --
> * Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
> * Roedingsmarkt 14, 20459 Hamburg, Germany *
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
