Bugtraq mailing list archives
Re: MDKSA-2000:073 - pine update
From: Kris Kennaway <kris () FREEBSD ORG>
Date: Tue, 21 Nov 2000 23:57:47 -0800
On Mon, Nov 20, 2000 at 06:19:42PM -0700, Linux Mandrake Security Team wrote:
Problem Description: By adding specific headers to messages, the pine mail reader could be made to exit with an error message when users attempted to manipulate mail folders containing those messages.
The most recent problem was worse than that; remote code execution. This seems to describe an older vulnerability in pine. See the following advisories for reference, on ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories: -rw-r--r-- 1 1001 207 4196 Sep 17 08:51 FreeBSD-SA-00:47.pine.asc -rw-r--r-- 1 1001 207 4136 Oct 30 23:04 FreeBSD-SA-00:59.pine.asc Kris
Attachment:
_bin
Description:
Current thread:
- MDKSA-2000:073 - pine update Linux Mandrake Security Team (Nov 22)
- Re: MDKSA-2000:073 - pine update Kris Kennaway (Nov 24)