[Bug 817439] New: kmail akonadi_imap_resource attacks IAMP-Server with wrong requests
https://bugzilla.novell.com/show_bug.cgi?id=817439 https://bugzilla.novell.com/show_bug.cgi?id=817439#c0 Summary: kmail akonadi_imap_resource attacks IAMP-Server with wrong requests Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: x86-64 OS/Version: openSUSE 12.3 Status: NEW Severity: Normal Priority: P5 - None Component: KDE4 Applications AssignedTo: kde-maintainers@suse.de ReportedBy: tschaefer@t-online.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0 config: imap via port 993 with ssl/tls Kmail / akonadi works fine for some minutes after start, at user point of view everything stays fine. But in background traffic increases. on serversite it looks like this: Apr 26 20:01:54 mail imaps[3861]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[3918]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[3918]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[3918]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[2175]: accepted connection Apr 26 20:01:54 mail imaps[2175]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[2175]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[3861]: accepted connection Apr 26 20:01:54 mail imaps[2175]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[3861]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[3861]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[3861]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[3918]: accepted connection Apr 26 20:01:54 mail imaps[3918]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[3918]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[3918]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[2175]: accepted connection Apr 26 20:01:54 mail imaps[2175]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[2175]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[2175]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[3861]: accepted connection Apr 26 20:01:54 mail imaps[3861]: SSL_accept() incomplete -> wait Apr 26 20:01:54 mail imaps[3861]: SSL_accept() succeeded -> done Apr 26 20:01:54 mail imaps[3861]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Apr 26 20:01:54 mail imaps[3918]: accepted connection The timestamps are correct - kmail/akonadi does it indeed very quickly. Reproducible: Always Steps to Reproduce: Use kmail with an imaps-configuraion Actual Results: to many unsuccessful connections (there must be still a working connection, within gui kmail behaves normally ) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=817439
https://bugzilla.novell.com/show_bug.cgi?id=817439#c1
Thomas Schäfer
https://bugzilla.novell.com/show_bug.cgi?id=817439
https://bugzilla.novell.com/show_bug.cgi?id=817439#c2
--- Comment #2 from Thomas Schäfer
https://bugzilla.novell.com/show_bug.cgi?id=817439
https://bugzilla.novell.com/show_bug.cgi?id=817439#c3
--- Comment #3 from Thomas Schäfer
participants (1)
-
bugzilla_noreply@novell.com