Thread: Re: Vulnerability in dbmail-pop3d version 1.2.11?




2005-09-06 10:02:24
Hello,

  I did a brief overview of 1.2.x dbmail pop3 code once looking for that
sort of thing; I'm not a C expert, but from what I saw I don't think
there was a problem.  Iirc, dbmail actually caught and handled the extra
length fine, it just chose to drop the pop3 connection on that invalid
input rather than printing an error on pop3 stream, which would behave
exactly like a pop3 daemon which did have a buffer overflow and crashed.
Check your mail logs and see if it doesn't record the invalid lengths.

Jn


On Sun, 2005-09-04 at 23:34 +0700, Administrator Beckspaced.com wrote:
> hello dbmail users  
> 
> i have just recently installed a new productive server with SuSe Linux
> 9.3, mysql 4.1.10, postfix and dbmail 1.2.11
> the mailsystem works great and so far i haven't discovered any errors or
> whatsoever ...
>
> then I just did a nessus scan on the server and the nessus report showed
> me the following:
> 
> #####################################
> 
> vulnerability pop3(110/tcp)
> 
> The remote POP3 server seems
> to be subject to a buffer overflow when it receives
> two arguments which are too long for the APOP command.
> 
> This problem may allow an attacker to disable this
> POP server or to execute arbitrary code on this
> host.
> 
> Solution : Contact your vendor for a patch
> Risk factor : High
> CVE : CAN-2000-0841 <http://cgi.nessus.org/cve.php3?cve=CAN-2000-0841>
> BID : 1652 <http://cgi.nessus.org/bid.php3?bid=1652>
> Nessus ID : 10559 <http://cgi.nessus.org/nessus_id.php3?id=10559>
> 
> vulnerability pop3(110/tcp)
> 
> The remote pop3 server is vulnerable to the following
> buffer overflow :
> 
> USER test
> PASS <buffer>
> 
> This *may* allow an attacker to execute arbitrary commands
> as root on the remote POP3 server.
> 
> Solution : contact your vendor, inform it of this
> vulnerability, and ask for a patch
> 
> Risk factor : High
> CVE : CAN-1999-1511 <http://cgi.nessus.org/cve.php3?cve=CAN-1999-1511>
> BID : 791 <http://cgi.nessus.org/bid.php3?bid=791>
> Nessus ID : 10325 <http://cgi.nessus.org/nessus_id.php3?id=10325>
> 
> #####################################
> 
> well ... i was really worried !!! is there REALLY a buffer overflow in
> the dbmail release 1.2.11??
> if so ... is there a patch available??
> 
> any more info on this subject would be great 
> 
> and also a BIG THANK YOU to the dbmail development community!
> i really like dbmail - it rocks 
> 
> all the best
> becki
> 
> _______________________________________________
> Dbmail mailing list
> Dbmaildbmail.org
> https://mailman.fastxs.nl/mailman/listinfo/dbmail
-- 
Jesse Norell - jessekci.net
Kentec Communications, Inc.
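
The behaviour the reply above describes, as an added sketch that is not dbmail's code and not part of the original thread: a POP3 line handler that checks the length before copying, logs it, and then either closes the connection or answers `-ERR`. The 512-byte limit, the function and type names, the `+OK` stand-in reply and the log wording are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define POP3_MAX_LINE 512   /* assumed buffer size for this sketch, not dbmail's value */

enum pop3_policy { POLICY_DROP, POLICY_REPLY_ERR };

struct pop3_result {
    int keep_open;            /* 0 = server closes the socket */
    const char *reply;        /* bytes sent to the client, NULL = nothing sent */
    char log[96];             /* line for the mail log, empty if nothing logged */
    char cmd[POP3_MAX_LINE];  /* accepted command, always NUL-terminated */
};

/* Handle the bytes received so far for one command line (hypothetical helper). */
struct pop3_result pop3_handle_line(const char *in, size_t in_len,
                                    enum pop3_policy policy)
{
    struct pop3_result r = { 1, NULL, "", "" };
    const char *nl = memchr(in, '\n', in_len);
    size_t len = nl ? (size_t)(nl - in) : in_len;
    if (nl && len > 0 && in[len - 1] == '\r')
        len--;                               /* strip the CR of CRLF */

    if (len >= sizeof r.cmd) {               /* length is checked BEFORE any copy */
        snprintf(r.log, sizeof r.log,
                 "pop3: rejected command line of %zu bytes (max %d)",
                 len, POP3_MAX_LINE - 1);
        if (policy == POLICY_DROP)
            r.keep_open = 0;                 /* silent close: looks like a crash from outside */
        else
            r.reply = "-ERR line too long\r\n";
        return r;
    }
    if (!nl)
        return r;                            /* incomplete line, wait for more data */
    memcpy(r.cmd, in, len);                  /* len < sizeof r.cmd, so this cannot overflow */
    r.cmd[len] = '\0';
    r.reply = "+OK\r\n";                     /* stand-in for real command dispatch */
    return r;
}

int main(void)
{
    char probe[2000];                        /* constructed over-length PASS argument */
    memset(probe, 'A', sizeof probe);
    memcpy(probe, "PASS ", 5);
    memcpy(probe + sizeof probe - 2, "\r\n", 2);
    struct pop3_result r = pop3_handle_line(probe, sizeof probe, POLICY_DROP);
    printf("keep_open=%d log=\"%s\"\n", r.keep_open, r.log);
    return 0;
}
```

With `POLICY_DROP` the client sees only a closed socket, the same thing it would see after a crash, so the log line is what tells the two cases apart.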
