Re: buffer overflow in pine <= 4.21

2000-11-06 Thread Ethan Benson
On Mon, Nov 06, 2000 at 09:54:03AM +0100, Thomas Gebhardt wrote: > > it should segfault. good indication of a buffer overflow there. > > While this kind of buffer overflow is nasty, (as far as I can see) > from a security point of view it is rather harmless. not if the program is question is se

Re: buffer overflow in pine <= 4.21

2000-11-06 Thread Ethan Benson
On Mon, Nov 06, 2000 at 09:54:03AM +0100, Thomas Gebhardt wrote: > > it should segfault. good indication of a buffer overflow there. > > While this kind of buffer overflow is nasty, (as far as I can see) > from a security point of view it is rather harmless. not if the program is question is s

Re: buffer overflow in pine <= 4.21

2000-11-06 Thread Thomas Gebhardt
Hi, > pine is riddled with buffer overflows, its considered unfixable > without totally throwing away 100% of the code and starting over. why > would anyone do that when we have mutt which is a far superior and > Free replacement. > > try this: > > (iirc) > > $ export HOME=3D`perl -e 'print "a

Re: buffer overflow in pine <= 4.21

2000-11-06 Thread Thomas Gebhardt
Hi, > pine is riddled with buffer overflows, its considered unfixable > without totally throwing away 100% of the code and starting over. why > would anyone do that when we have mutt which is a far superior and > Free replacement. > > try this: > > (iirc) > > $ export HOME=3D`perl -e 'print "

Re: buffer overflow in pine <= 4.21

2000-11-04 Thread Ethan Benson
On Fri, Nov 03, 2000 at 06:15:16PM +0100, Robert Varga wrote: > > is the debianized pine4.21 vulnerable to the long From address buffer > overflow vulnerability, which is corrected in 4.30 upstream? pine is riddled with buffer overflows, its considered unfixable without totally throwing away 100%

Re: buffer overflow in pine <= 4.21

2000-11-04 Thread Ethan Benson
On Fri, Nov 03, 2000 at 06:15:16PM +0100, Robert Varga wrote: > > is the debianized pine4.21 vulnerable to the long From address buffer > overflow vulnerability, which is corrected in 4.30 upstream? pine is riddled with buffer overflows, its considered unfixable without totally throwing away 100

buffer overflow in pine <= 4.21

2000-11-03 Thread Robert Varga
is the debianized pine4.21 vulnerable to the long From address buffer overflow vulnerability, which is corrected in 4.30 upstream? Regards, Robert Varga

buffer overflow in pine <= 4.21

2000-11-03 Thread Robert Varga
is the debianized pine4.21 vulnerable to the long From address buffer overflow vulnerability, which is corrected in 4.30 upstream? Regards, Robert Varga -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]