Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: MDKSA-2000:073 - pine update
From: Kris Kennaway <kris () FREEBSD ORG>
Date: Tue, 21 Nov 2000 23:57:47 -0800

On Mon, Nov 20, 2000 at 06:19:42PM -0700, Linux Mandrake Security Team wrote:

Problem Description:

 By adding specific headers to messages, the pine mail reader could be
 made to exit with an error message when users attempted to manipulate
 mail folders containing those messages.

The most recent problem was worse than that; remote code
execution. This seems to describe an older vulnerability in pine.

See the following advisories for reference, on

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories:

-rw-r--r--  1 1001  207  4196 Sep 17 08:51 FreeBSD-SA-00:47.pine.asc
-rw-r--r--  1 1001  207  4136 Oct 30 23:04 FreeBSD-SA-00:59.pine.asc

Kris

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault