Preface: SMTP MIME file name overflowLogo -Internet Security Systems

SMTP MIME file name overflow
advICE :Intrusions : 2001016
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

Email abuse.

Details

May be an attempt to overload a buffer and crash or break-in. A very long user name, password, or file name often signals an intentional effort to overflow a buffer on a server. By constructing the data in a particular way, the intruder may be able to execute his own code on the attacked system.

 more information
CERT: CA-98.10.mime_buffer_overflows  
 
BugtraqID: 685  
 
Aleph One's article on buffer overflows  
 

 parametric information
lengthThe length of the filename.
filenameThe beginning portion of the filename.

 configuration for this item
file.maxname200The maximum length of a file name.

 
Version appeared: 1.8.5.5
Privacy Policy |  Copyright Info