From owner-freebsd-security Sun Jun 28 01:42:37 1998
To: Igor Roshchin
cc: freebsd-security@FreeBSD.ORG, igor@alecto.physics.uiuc.edu (Igor Roshchin)
Subject: Re: (FWD) QPOPPER REMOTE ROOT EXPLOIT
In-reply-to: Your message of "Sat, 27 Jun 1998 19:23:54 CDT." <199806280023.TAA04462@alecto.physics.uiuc.edu>
Date: Sun, 28 Jun 1998 01:41:57 -0700
Message-ID: <4071.899023317@time.cdrom.com>
From: "Jordan K. Hubbard"

> I've just downloaded the "popper" directory from
> ftp://ftp.freebsd.org/.25/FreeBSD/FreeBSD-current/ports/mail
> It is still missing the patch for the "UIDL" problem
> (pop_dropcopy.c)
>
> Several people had suggestions looking like:
> if (strlen(cp) >= 128) cp[127] = 0;

I don't see the sense of this. If you look at the code, the length of
this string is always known and the test suggested above would
accomplish *nothing*.

- Jordan