Buffer overflow in Cyrus IMAP ?
rjs3 at andrew.cmu.edu
Thu Dec 5 17:12:12 EST 2002
Its the same parsing code (with one or two exceptions).
I don't see why it existing with literals after login would concern you if
it didn't concern you before login.
Of course, they are properly limited in 2.1.11 and 2.0.17.
On Thu, 5 Dec 2002 saira at iman.acsu.buffalo.edu wrote:
> Regarding the recently announced vulnerability
> Does a similar vulnerability exist with literals after login?
> Thank you.
> Saira Hasnain
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
More information about the Info-cyrus