Bug#352482: It's a vuln

2006-02-22 Thread Ulf Harnhammar
This is CVE-2006-0709 now. Additionally, Red Hat sound confident that this is exploitable: "This issue is a pretty standard heap based buffer overflow." -- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=181665 They have issued a security advisory with severity set to important: https://r

Bug#353539: metamail: crashes with very long filenames in messages

2006-02-19 Thread Ulf Harnhammar
UUU ) > Segmentation fault
[EMAIL PROTECTED]:~/recently$

I have attached a patch and a test message.

// Ulf Harnhammar

-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT poli

Bug#352482: metamail: crashes with very long boundaries in messages

2006-02-13 Thread Ulf Harnhammar
> BTW, what is in ./metamail, rather than ./src/metamail/??

I don't know. I noticed that the source is included twice, but I haven't looked into why that is the case. FWIW, if you just patch the source in src and not in ., the resulting binaries seem to be fixed.

> > I have found that metamail

Bug#352482: metamail: crashes with very long boundaries in messages

2006-02-12 Thread Ulf Harnhammar
table:

[EMAIL PROTECTED]:~$ /usr/bin/metamail < metamail.txt
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: metamail crash bug
*** glibc detected *** free(): invalid next size (normal): 0x0805fc30 ***
Aborted
[EMAIL PROTECTED]:~$

I have attached a test message, as well