CVE-2002-1066 Information

Description

Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server which exceeds the array limits and allows a buffer overflow attack.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html http://www.iss.net/security_center/static/9689.php http://www.securityfocus.com/bid/5327