Ubuntu
uw-imap package

Buffer overflow in uw-mailtutils cause by extra-long passwords

Bug #384914 reported by Bjoern Voigt
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
uw-imap (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: uw-mailutils

If a user types-in an extra long password (>1024 characters) mailutil crashes with an buffer overflow:

$ mailutil check '{imap.example.com}INBOX'
{imap.example.com} password:
warning: LOGIN failed
*** buffer overflow detected ***: mailutil terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7da8da8]
/lib/tls/i686/cmov/libc.so.6[0xb7da6eb0]
/lib/tls/i686/cmov/libc.so.6[0xb7da65a8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7d18bb8]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x3735)[0xb7cedf65]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa4)[0xb7da6654]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7da659d]
mailutil(mm_login+0x6d)[0x804a1dd]
/usr/lib/libc-client.so.2007b(imap_login+0xb6)[0xb7e81da6]
/usr/lib/libc-client.so.2007b(imap_open+0x106f)[0xb7e83d8f]
[0x6227584f]
======= Memory map: ========

Description: Ubuntu 9.04
Release: 9.04
Package: uw-mailutils 8:2007b~dfsg-1.1

Revision history for this message
Bjoern Voigt (bjoern) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.