Message-Id: <4.3.2.7.2.20030331122450.031ace50@localhost>
Date: Mon, 31 Mar 2003 12:26:56 -0700
To: "Jacques A. Vidrine"
From: Brett Glass
In-Reply-To: <20030331185646.GB40453@madman.celabo.org>
cc: freebsd-security@FreeBSD.org
Subject: Re: what was that?

At 11:56 AM 3/31/2003, Jacques A. Vidrine wrote:

>> It means that someone's trying to exploit a buffer overrun
>> vulnerability.
>
>No, I don't think so.

You have a right to disagree, of course. However, some MUAs HAVE been reported to have buffer overflow vulnerabilities that can be exploited via an excessively long message ID header. I have installed a filter that shortens them to prevent Outlook users from being nailed by this bug.

--Brett
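
A filter of the kind mentioned in the message above, written as an added example; it is not the poster's own filter, which the message does not show. The 128-character limit, the `shortened.invalid` domain and all function names are assumptions. It replaces each overlong ID with a hash-derived stand-in instead of truncating, so the same ID stays consistent across Message-ID, In-Reply-To and References.

```python
import hashlib
import re
from email import message_from_bytes

MAX_ID_LEN = 128  # assumed limit; pick what your mail clients tolerate
ID_HEADERS = {"message-id", "in-reply-to", "references", "resent-message-id"}
# One token is a bracketed msg-id (even with spaces inside) or a bare word.
TOKEN_RE = re.compile(r"<[^>]*>|\S+")

LONG_ID = "<" + "A" * 600 + "@example.invalid>"  # constructed overlong ID
SAMPLE = (  # constructed message, not taken from the thread
    f"Message-ID: {LONG_ID}\n"
    f"References: <ok1@example.invalid> {LONG_ID}\n"
    "Subject: constructed test\n\nbody\n"
).encode("ascii")


def shorten_token(token, limit=MAX_ID_LEN):
    """Return token unchanged if short enough, else a 52-character stand-in.

    The stand-in is a hash of the original, so one overlong ID maps to the
    same replacement wherever it appears and reply threading still works.
    """
    if len(token) <= limit:
        return token
    digest = hashlib.sha256(token.encode("utf-8", "replace")).hexdigest()
    return f"<{digest[:32]}@shortened.invalid>"


def shorten_value(value, limit=MAX_ID_LEN):
    """Shorten every overlong token in one header value."""
    tokens = TOKEN_RE.findall(value)
    if all(len(t) <= limit for t in tokens):
        return value  # nothing to do; keep the original folding
    return " ".join(shorten_token(t, limit) for t in tokens)


def sanitize_message(raw, limit=MAX_ID_LEN):
    """Parse raw bytes and return a Message whose ID headers are bounded."""
    msg = message_from_bytes(raw)
    headers = msg.items()  # snapshot (a list) in original order
    for name in set(msg.keys()):
        del msg[name]  # removes every occurrence of that header
    for name, value in headers:
        if name.lower() in ID_HEADERS:
            # str() flattens the Header object returned for non-ASCII bytes
            value = shorten_value(str(value), limit)
        msg[name] = value
    return msg
```

In a delivery pipeline, the returned message's `as_bytes()` is what gets handed on to the mailbox.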