On Thu, Jan 03, 2002 at 11:27:14AM +1100, Andrew Bennetts wrote: > On Thu, Jan 03, 2002 at 09:33:37AM +1100, Balial wrote: > > Anyone know what the exploit actually is? > > From looking at the patch for it, it looks like it is a buffer overflow in > parsing addresses in headers. I think I read somewhere that it is only a > 1 byte overflow, but still exploitable despite that.
It didn't look exploitable at all IMHO. Pete
msg19022/pgp00000.pgp
Description: PGP signature