Hello Andreas, 
the following was posted to us: 
Date: Wed,  3 Mar 2004 16:42:04 +0100 
From: Ulf Härnhammar <Ulf.Harnhammar.9485@student.uu.se> 
To: team@security.debian.org 
Cc: steve@steve.org.uk, security@suse.de 
Subject: [security@suse.de] Emil buffer overflows and format string bugs 
Parts/Attachments: 
   1 Shown    ~32 lines  Text 
   2          3.6 KB     Application 
---------------------------------------- 
 
Here's another unpublished security vulnerability. 
 
 
Emil buffer overflows and format string bugs 
============================================ 
 
"Emil v2 is a filter for converting Internet Messages. It supports 
three basic formats: MIME, SUN Mailtool and plain old style RFC822." 
The usual setup is that sendmail or procmail pipe messages from 
the network to the program. Emil is vulnerable to some security 
problems in Debian stable, testing and unstable, as well as in SUSE 
Linux 9.0, 8.2 and possibly older versions of SUSE. 
 
testmail1 and run1.sh give an example of a buffer overflow that 
occurs when converting files with long filenames from MIME to 
uuencode. 
 
testmail2 and run2.sh show a buffer overflow that occurs when 
parsing uuencoded files with long filenames. 
 
testmail3 and run3.sh show a buffer overflow that occurs when 
converting SUN Mailtool files with long filenames to MIME. 
 
There are also some obscure format string bugs that's been fixed 
for completeness' sake. 
 
emil.patch corrects all issues above. It's diff'ed against the 
upstream version 2.1.0-beta9. 
 
 
// Ulf Harnhammar 
 
    [ Part 2, Application/OCTET-STREAM (Name: "emil-stuffs.zip")  4.9KB. ] 
    [ Cannot display this part. Press "V" then "S" to save in a file. ]