Bug#290557: DoS'ed by spam
Package: kmail
Version: 3.3.1-3
Severity: important
Greetings,
as reported on debian-kde@lists.debian.org i observed the following phenomena
today:
" was quite happy when KDE 3.3.1 hit sarge and run a dist-upgrade as soon
als possible, but since then, I have some serions problems with KMail. As
soon as a I open KMail or another folder in KMail, CPU load rises up to 100%
and KMail freezes. After a few minute of using every single CPU time, it
could get, the KMail windows reacts, when I try to open it. But after a few
seconds it continues to freeze.
What may be wrong here?
strace kmail
(...)
read(3, "\0\0\0\vDCOPServer\0\0\0\0\0\0\0\0\tQCString\0"..., 55) = 55
write(3, "\1\2\1\0[\0\0\0m\0\0\0", 12) = 12
write(3, "\0\0\0\17anonymous-6701\0\0\0\0\vDCOPServe"..., 81) = 81
write(3, "\0\0\0\6kmail\0", 10) = 10
read(3, "\2\3\0\0023\0\0\0", 8) = 8
read(3, "m\0\0\0", 4) = 4
read(3, "\0\0\0\vDCOPServer\0\0\0\0\17anonymous-670"..., 51) = 51
write(3, "\1\2\1\0_\0\0\0\2\0\0\0", 12) = 12
write(3, "\0\0\0\17anonymous-6701\0\0\0\0\6kmail\0\0\0\0"..., 61) = 61
write(3, "\0\0\0\n/home/jan\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 34) =
34
read(3, "\2\5\0\2!\0\0\0", 8) = 8
read(3, "\2\0\0\0", 4) = 4
read(3, "\0\0\0\6kmail\0\0\0\0\17anonymous-6701\0\0\0\0"..., 33) = 33
read(3, "\2\6\0\0021\0\0\0", 8) = 8
read(3, "\2\0\0\0", 4) = 4
read(3, "\0\0\0\6kmail\0\0\0\0\17anonymous-6701\0\0\0\0"..., 49) = 49
close(3) = 0
exit_group(0)
-freeze---
After a while am able to enter my pop3-account data, then:
(...)
getuid32() = 1000
getpid() = 6710
write(3, "\1\2\1\0H\0\0\0\0\0\0\0", 12) = 12
write(3, "\0\0\0\0\0\0\0\vDCOPServer\0\0\0\0\1\0\0\0\0\25regi"..., 53) = 53
write(3, "\0\0\0\17anonymous-6710\0", 19) = 19
read(3, "\2\3\0\0027\0\0\0", 8) = 8
read(3, "o\0\0\0", 4) = 4
read(3, "\0\0\0\vDCOPServer\0\0\0\0\0\0\0\0\tQCString\0"..., 55) = 55
write(3, "\1\2\1\0[\0\0\0o\0\0\0", 12) = 12
write(3, "\0\0\0\17anonymous-6710\0\0\0\0\vDCOPServe"..., 81) = 81
write(3, "\0\0\0\6kmail\0", 10) = 10
read(3, "\2\3\0\0023\0\0\0", 8) = 8
read(3, "o\0\0\0", 4) = 4
read(3, "\0\0\0\vDCOPServer\0\0\0\0\17anonymous-671"..., 51) = 51
write(3, "\1\2\1\0_\0\0\0\2\0\0\0", 12) = 12
write(3, "\0\0\0\17anonymous-6710\0\0\0\0\6kmail\0\0\0\0"..., 61) = 61
write(3, "\0\0\0\n/home/jan\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 34) =
34
read(3, "\2\5\0\2!\0\0\0", 8) = 8
read(3, "\2\0\0\0", 4) = 4
read(3, "\0\0\0\6kmail\0\0\0\0\17anonymous-6710\0\0\0\0"..., 33) = 33
read(3, "\2\6\0\0021\0\0\0", 8) = 8
read(3, "\2\0\0\0", 4) = 4
read(3, "\0\0\0\6kmail\0\0\0\0\17anonymous-6710\0\0\0\0"..., 49) = 49
close(3) = 0
exit_group(0) = ?"
---freeze---"
After doing some reseach, I saw three rather big spam mails (1MB text each)
mails in my inbox - probably slipped through spamasssing because it's size.
(downloadable at http://www.luehr.mynetcologne.de/dos.tar.gz 1,3 MB) After
deleting every three messages KMail works fine.
Keep smiling
yanosz
--
Achtung: Die E-Mail-Adresse jluehr@netcologne.de wird in Kürze
deaktiviert werden. Bitte nutzen Sie die Adresse
jluehr@gmx.net
Reply to: