[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Outlook denial of service
From: YoDuh <yoduh () GETACLUE ! ORG>
Date: 1999-06-25 20:24:02
[Download RAW message or body]
I've found a problem in qualcomm popper (and presumabley others) in that it
doesn't check for an existing X-UIDL: headers, but simpley uses it when the
client sends in a uidl request. This problem can manifest itself as an
effective denial of service attack against microsoft outlook clients
because outlook looks for unique uidl's for each message and if there are
duplicates it will hang prior to downloading any mail. I've put up a small
web site detailing the problem and some possible work arounds/fixes at
http://getaclue.org/yoduh/outlook.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic