Georgi Guninski writes:

There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem (not counting the memory consumtion dos, which just helps).

Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wih a lot of virtual memory.

The national vulnaribility database summarizes:

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

Georgi Guninski writes:

There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem (not counting the memory consumtion dos, which just helps).

Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wih a lot of virtual memory.

The national vulnaribility database summarizes:

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

Georgi Guninski writes:

There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem (not counting the memory consumtion dos, which just helps).

Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wih a lot of virtual memory.

The national vulnaribility database summarizes:

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.