[Esa-l] Re: html-trap.procmail 1.113 a bit too hair triggered...

John D. Hardin jhardin at wolfenet.com
Mon Jul 24 21:36:20 PDT 2000

On Mon, 24 Jul 2000, Matthew Seaman wrote:

> Got a false positive here on a valid Message-ID.  I guess a few more dots in
> the RE at line 146 of html-trap.procmail might be in order?  According to the
> exploit script at
> http://www.securityfocus.com/data/vulnerabilities/exploits/outoutlook.pl
> it takes more than 945 characters to overflow the buffer in Outlook:

Yeah. Oops. Mea Culpa.

I have adjusted things a bit. Take a look at 1.114, everybody.


 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
   97 days until Daylight Savings Time ends

More information about the esd-l mailing list