[INN-COMMITTERS] STABLE-2_3 inn/innfeed (misc.c)
rra at stanford.edu
Fri Jun 30 09:44:31 UTC 2000
Forrest J Cavalier <mibsoft at epix.net> writes:
> Unless I misunderstand totally, the only way there is a potential
> overflow is if untrusted non-user-news data gets into the logged output.
> I'd like someone to show me where that could happen.
Message ID containing %. I'm pretty sure that there are at least some
places in innfeed where it logs a message ID. It's hard to exploit, but
I'm pretty sure it's theoretically possible.
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the inn-workers