[Bug 384914] [NEW] Buffer overflow in uw-mailtutils cause by extra-long passwords
Bjoern Voigt
bjoern at cs.tu-berlin.de
Mon Jun 8 19:30:25 UTC 2009
Public bug reported:
Binary package hint: uw-mailutils
If a user types-in an extra long password (>1024 characters) mailutil
crashes with an buffer overflow:
$ mailutil check '{imap.example.com}INBOX'
{imap.example.com} password:
warning: LOGIN failed
*** buffer overflow detected ***: mailutil terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7da8da8]
/lib/tls/i686/cmov/libc.so.6[0xb7da6eb0]
/lib/tls/i686/cmov/libc.so.6[0xb7da65a8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7d18bb8]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x3735)[0xb7cedf65]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa4)[0xb7da6654]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7da659d]
mailutil(mm_login+0x6d)[0x804a1dd]
/usr/lib/libc-client.so.2007b(imap_login+0xb6)[0xb7e81da6]
/usr/lib/libc-client.so.2007b(imap_open+0x106f)[0xb7e83d8f]
[0x6227584f]
======= Memory map: ========
Description: Ubuntu 9.04
Release: 9.04
Package: uw-mailutils 8:2007b~dfsg-1.1
** Affects: uw-imap (Ubuntu)
Importance: Undecided
Status: New
--
Buffer overflow in uw-mailtutils cause by extra-long passwords
https://bugs.launchpad.net/bugs/384914
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list