skyper <[EMAIL PROTECTED]> wrote:
> im new to the list...just read the topic.
Not well enough, evidently.
> someone gimme infos about this exploit.
There isn't one. It was a hypothetical argument.
Charles
--
---
Charles Caza
On Sun, Mar 04, 2001 at 12:48:01PM +, skyper wrote:
[snip]
>
> hi.
> im new to the list...just read the topic.
> someone gimme infos about this exploit.
There is no exploit.
> which part of the source is vulnerable ?
None.
> which file ? line ?
None. None.
> any fix ?
None necessary.
On Sun, Mar 04, 2001 at 07:14:59PM +1100, Brett Randall wrote:
> On 02 Mar 2001, [EMAIL PROTECTED] wrote:
>
> > Dan could fix this by releasing qmail-1.03.1 with different
> > installation instructions. Of course, if he did, some people would
> > take that to be an admission that there actually
EMAIL PROTECTED]
Subject: Re: qmail 2.0 exploit
On 02 Mar 2001, [EMAIL PROTECTED] wrote:
> Dan could fix this by releasing qmail-1.03.1 with different
> installation instructions. Of course, if he did, some people would
> take that to be an admission that there actually is a security ho
On 02 Mar 2001, [EMAIL PROTECTED] wrote:
> Dan could fix this by releasing qmail-1.03.1 with different
> installation instructions. Of course, if he did, some people would
> take that to be an admission that there actually is a security hole in
> qmail-1.03.
Who cares what other people think? I
David Dyer-Bennet <[EMAIL PROTECTED]> writes:
> Ian Lance Taylor <[EMAIL PROTECTED]> writes:
>
> > Obviously there isn't anything wrong with qmail. And obviously these
> > bug reports are highly misleading in implying that there is a bug
> > which needs to be fixed in qmail. But I do think tha
"Jason Brooke" <[EMAIL PROTECTED]> writes:
> That's all well and good though, until your comment about tcpserver not
> preventing this DOS. If this is true then I have to withdraw.
>
> I run qmail under tcpserver on variety of slackware 7.1 installs and and a
> couple of slackware 4.0 installs,
Ian Lance Taylor <[EMAIL PROTECTED]> writes:
> Obviously there isn't anything wrong with qmail. And obviously these
> bug reports are highly misleading in implying that there is a bug
> which needs to be fixed in qmail. But I do think that the bug reports
> have a point: if you install qmail-1.
s :)
jason
- Original Message -
From: "Ian Lance Taylor" <[EMAIL PROTECTED]>
To: "Jason Brooke" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, March 02, 2001 6:01 PM
Subject: Re: qmail 2.0 exploit
> I would say that that is a mere
"Jason Brooke" <[EMAIL PROTECTED]> writes:
> > If you run qmail-smtpd directly from inetd.conf, as suggested in the
> > INSTALL file distributed with qmail-1.03, then there is a pretty good
> > chance that the instance of qmail-smtpd being attacked will grow to
> > eat of all of memory. What hap
From: "Ian Lance Taylor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 01, 2001 2:59 PM
Subject: Re: qmail 2.0 exploit
> Peter Cavender <[EMAIL PROTECTED]> writes:
>
> > What is this qmail version 2.0 that securityfocus.com claims
I get the feeling this would've already been well and truly covered on this
list, but just out of curiosity I tried it anyway.
On slackware 7.1 installed in vmware under win2k pro and slackware 7.1 on 2
other 'real' machines, all it did was chew cpu and cause qmail-smtpd to chew
some cpu as well.
On Wed, 28 Feb 2001, Peter Cavender wrote:
> What is this qmail version 2.0 that securityfocus.com claims there is an
> explot for? Am I missing something, or are they?
>
> Being that I have better things to do than to try to screw up my mail
> server, has anyone tried this claimed explot? What
Peter Cavender <[EMAIL PROTECTED]> writes:
> What is this qmail version 2.0 that securityfocus.com claims there is an
> explot for? Am I missing something, or are they?
>
> Being that I have better things to do than to try to screw up my mail
> server, has anyone tried this claimed explot? Wha
What is this qmail version 2.0 that securityfocus.com claims there is an
explot for? Am I missing something, or are they?
Being that I have better things to do than to try to screw up my mail
server, has anyone tried this claimed explot? What really happens?
--Pete
15 matches
Mail list logo