Hello, I did a brief overview of 1.2.x dbmail pop3 code once looking for that sort of thing; I'm not a C expert, but from what I saw I don't think there was a problem. Iirc, dbmail actually caught and handled the extra length fine, it just chose to drop the pop3 connection on that invalid input rather than printing an error on pop3 stream, which would behave exactly like a pop3 daemon which did have a buffer overflow and crashed. Check your mail logs and see if it doesn't record the invalid lengths.
Jn On Sun, 2005-09-04 at 23:34 +0700, Administrator Beckspaced.com wrote: > hello dbmail users ;-) > > i have just recently installed a new productive server with SuSe Linux > 9.3, mysql 4.1.10, postfix and dbmail 1.2.11 > the mailsystem works great and so far i haven't discovered any errors or > whatsoever ... > > then I just did a nessus scan on the server and the nessus report showed > me the following: > > ##################################### > > vulnerability pop3(110/tcp) > > The remote POP3 server seems > to be subject to a buffer overflow when it receives > two arguments which are too long for the APOP command. > > This problem may allow an attacker to disable this > POP server or to execute arbitrary code on this > host. > > Solution : Contact your vendor for a patch > Risk factor : High > CVE : CAN-2000-0841 <http://cgi.nessus.org/cve.php3?cve=CAN-2000-0841> > BID : 1652 <http://cgi.nessus.org/bid.php3?bid=1652> > Nessus ID : 10559 <http://cgi.nessus.org/nessus_id.php3?id=10559> > > vulnerability pop3(110/tcp) > > The remote pop3 server is vulnerable to the following > buffer overflow : > > USER test > PASS <buffer> > > This *may* allow an attacker to execute arbitrary commands > as root on the remote POP3 server. > > Solution : contact your vendor, inform it of this > vulnerability, and ask for a patch > > Risk factor : High > CVE : CAN-1999-1511 <http://cgi.nessus.org/cve.php3?cve=CAN-1999-1511> > BID : 791 <http://cgi.nessus.org/bid.php3?bid=791> > Nessus ID : 10325 <http://cgi.nessus.org/nessus_id.php3?id=10325> > > ##################################### > > well ... i was really worried !!! is there REALLY a buffer overflow in > the dbmail release 1.2.11?? > if so ... is there a patch available?? > > any more info on this subject would be great ;-) > > and also a BIG THANK YOU to the dbmail development community! > i really like dbmail - it rocks ;-) > > all the best > becki > > _______________________________________________ > Dbmail mailing list > Dbmail@dbmail.org > https://mailman.fastxs.nl/mailman/listinfo/dbmail -- Jesse Norell - [EMAIL PROTECTED] Kentec Communications, Inc.
