Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100118105111.GA3585@suse.de>
Date: Mon, 18 Jan 2010 11:51:14 +0100
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: Evolution denial of service bug ... 

Hi,

We received a bugreport for Evolution from "Francis Provencher for Protek Research Lab's"
(protekresearchlab@...oo.ca).

The issue is that if Evolution accesses a malicious POP3 server the latter
can by sending an overly long ERR message cause a X11 error (BadAlloc)
likely due to a overly wide Message Box and so cause evolution to abort.

The commit in evolution that fixes it:
http://git.gnome.org/browse/evolution-data-server/commit/?id=22854733409fddf3e313cc637ce3a0309159b41f
it also checks for utf-8 validity.


I am still undecided whether this is a real security issue or not. On
one hand getting rid of this malicious server from evolution might
be difficult if it is auto-opened. On the other hand, malicious servers
have also other denial of service possibilities (like sending 1000000+ mailheaders).

Ciao, Marcus

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.