Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: win3186.htm

Pegasus Mail



4th Oct 2000 [SBWID-3186]
COMMAND

	    Pegasus

	

	

SYSTEMS AFFECTED

	    Pegasus Mail 3.11

	    Pegasus 4.01 and possibly previous (25 July 2002 update)

	

	

PROBLEM

	'ch0mik' founf following. A couple months ago he found another  PM  (  v3.11
	!!! ) vulnerability. More binary data than about 90KB in body message  cause
	a buffer overflow.
	

	

	 Update (25 July 2002)

	 ======

	

	In the same style Auriemma Luigi found that a long FROM field (over  250
	chars) wouls crash pegasus. For details see :
	

	http://online.securityfocus.com/archive/1/284129/2002-07-22/2002-07-28/0

	

	

SOLUTION

	See the Pegasus mail site (http://www.pmail.com) for updates.
	

	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH