[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Evolution denial of service bug ...
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-01-19 20:39:00
Message-ID: 2039809097.229341263933540044.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Marcus Meissner" <meissner@suse.de> wrote:
>
> We received a bugreport for Evolution from "Francis Provencher for Protek
> Research Lab's" (protekresearchlab@yahoo.ca).
>
> The issue is that if Evolution accesses a malicious POP3 server the
> latter can by sending an overly long ERR message cause a X11 error
> (BadAlloc) likely due to a overly wide Message Box and so cause evolution
> to abort.
>
> The commit in evolution that fixes it:
> http://git.gnome.org/browse/evolution-data-server/commit/?id=22854733409fddf3e313cc637ce3a0309159b41f
> it also checks for utf-8 validity.
>
>
> I am still undecided whether this is a real security issue or not. On one
> hand getting rid of this malicious server from evolution might be
> difficult if it is auto-opened. On the other hand, malicious servers have
> also other denial of service possibilities (like sending 1000000+
> mailheaders).
>
I'm thinking not a flaw for this one. If it could execute arbitrary code,
you'd have a flaw, but a DoS only is pretty gray area.
Unless someone gives me a compelling reason to do so, I'm not assigning
this a CVE id.
Thanks.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic