develooper Front page | perl.qpsmtpd | Postings from January 2015

CVE-2015-0235 exposure via qpsmtpd?

Thread Next
From:
Charlie Brady
Date:
January 28, 2015 13:24
Subject:
CVE-2015-0235 exposure via qpsmtpd?
Message ID:
Pine.LNX.4.64.1501280821590.3946@e-smith.charliebrady.org

As you can see in the advisory:

http://www.openwall.com/lists/oss-security/2015/01/27/9

exim allows remote exploit of a buffer overflow in glibc.

Has anybody done an analysis of qpsmtpd to see whether there is a code 
path via qpsmtpd (and plugins) and perl which allows the same exploit?

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About