Mandrake Linux Security Advisory : pine (MDKSA-2002:084)
2004-07-31T00:00:00
ID MANDRAKE_MDKSA-2002-084.NASL Type nessus Reporter This script is Copyright (C) 2004-2021 Tenable Network Security, Inc. Modified 2004-07-31T00:00:00
Description
A vulnerability was discovered in pine while parsing and escaping
characters of email addresses; not enough memory is allocated for
storing the escaped mailbox part of the address. The resulting buffer
overflow on the heap makes pine crash. This new version of pine, 4.50,
has the vulnerability fixed. It also offers many other bug fixes and
new features.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2002:084.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration pass: when the engine runs the plugin with `description` set,
# only the metadata below is recorded and the script exits before any host
# check is performed.
if (description)
{
  # Identity and revision of this plugin.
  script_id(13982);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  # Cross-references: the CVE and the vendor advisory this check was built from.
  script_cve_id("CVE-2002-1320");
  script_xref(name:"MDKSA", value:"2002:084");

  script_name(english:"Mandrake Linux Security Advisory : pine (MDKSA-2002:084)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(attribute:"synopsis", value:"The remote Mandrake Linux host is missing a security update.");

  # The description is a multi-line string literal; its continuation lines
  # start at column 0 so that no indentation ends up inside the reported text.
  script_set_attribute(attribute:"description", value:"A vulnerability was discovered in pine while parsing and escaping
characters of email addresses; not enough memory is allocated for
storing the escaped mailbox part of the address. The resulting buffer
overflow on the heap makes pine crash. This new version of pine, 4.50,
has the vulnerability fixed. It also offers many other bug fixes and
new features."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected pine package.");

  # NOTE(review): this vector scores availability impact only (A:P), matching
  # the crash-only wording of the description above. CERT/CC VU#780737 for the
  # same CVE states that code execution on the heap may also be possible, so
  # read the score as a floor when prioritising the update.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  # "local": the verdict comes from package data gathered on the host (see
  # the required KB keys below), not from probing a network service.
  script_set_attribute(attribute:"plugin_type", value:"local");

  # Affected package and the Mandrake Linux releases covered by the advisory.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:pine");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2002/12/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  # ACT_GATHER_INFO is the category constant used for this check.
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  # The check needs the KB entries listed here; presumably they are filled in
  # by ssh_get_info.nasl after a successful authenticated login -- confirm.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  # Nothing below this point runs during the registration pass.
  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
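# Host check: compares the installed pine package against the fixed build
# named in MDKSA-2002:084 and reports the host when an older one is found.
#
# Preconditions. audit() comes from audit.inc (not shown here); the flow
# below assumes it terminates the plugin with the given audit reason.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# Fixed the "Mandake" typo so this audit message matches the OS name used in
# the architecture message further down.
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only x86-family architectures are handled; anything else is audited out
# instead of being silently reported as clean.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);

# One comparison per release listed in the advisory; the fixed package is
# pine-4.50-1.1mdk on each of them. flag counts the comparisons that hit.
# NOTE(review): every call names cpu:"i386" while the gate above also admits
# amd64/x86_64. How rpm_check() treats a host whose cpu differs is decided in
# rpm.inc (not shown) -- confirm 64-bit hosts are not reported as unaffected
# merely because no comparison applied to them.
flag = 0;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"pine-4.50-1.1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"pine-4.50-1.1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"pine-4.50-1.1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"pine-4.50-1.1mdk", yank:"mdk")) flag++;

if (flag)
{
  # At least one comparison matched: raise the finding on port 0 and, when
  # report verbosity allows, attach the text returned by rpm_report_get()
  # (presumably the installed-versus-fixed package details -- confirm).
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");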
{"id": "MANDRAKE_MDKSA-2002-084.NASL", "bulletinFamily": "scanner", "title": "Mandrake Linux Security Advisory : pine (MDKSA-2002:084)", "description": "A vulnerability was discovered in pine while parsing and escaping\ncharacters of email addresses; not enough memory is allocated for\nstoring the escaped mailbox part of the address. The resulting buffer\noverflow on the heap makes pine crash. This new version of pine, 4.50,\nhas the vulnerability fixed. It also offers many other bug fixes and\nnew features.", "published": "2004-07-31T00:00:00", "modified": "2004-07-31T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/13982", "reporter": "This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.", "references": [], "cvelist": ["CVE-2002-1320"], "type": "nessus", "lastseen": "2021-01-07T11:51:17", "edition": 24, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-1320"]}, {"type": "redhat", "idList": ["RHSA-2002:271"]}, {"type": "osvdb", "idList": ["OSVDB:6948"]}, {"type": "openvas", "idList": ["OPENVAS:52524"]}, {"type": "suse", "idList": ["SUSE-SA:2002:046"]}, {"type": "cert", "idList": ["VU:780737"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2002-271.NASL", "FREEBSD_PINE_450.NASL", "FREEBSD_PKG_5ABFEE2D5D8211D880E30020ED76EF5A.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:21985"]}, {"type": "freebsd", "idList": ["5ABFEE2D-5D82-11D8-80E3-0020ED76EF5A"]}], "modified": "2021-01-07T11:51:17", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2021-01-07T11:51:17", "rev": 2}, "vulnersScore": 6.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2002:084. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(13982);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2002-1320\");\n script_xref(name:\"MDKSA\", value:\"2002:084\");\n\n script_name(english:\"Mandrake Linux Security Advisory : pine (MDKSA-2002:084)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in pine while parsing and escaping\ncharacters of email addresses; not enough memory is allocated for\nstoring the escaped mailbox part of the address. The resulting buffer\noverflow on the heap makes pine crash. This new version of pine, 4.50,\nhas the vulnerability fixed. 
It also offers many other bug fixes and\nnew features.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pine package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"pine-4.50-1.1mdk\", 
yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"pine-4.50-1.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"pine-4.50-1.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"pine-4.50-1.1mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "13982", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:7.2", "p-cpe:/a:mandriva:linux:pine", "cpe:/o:mandrakesoft:mandrake_linux:8.2", "cpe:/o:mandrakesoft:mandrake_linux:8.0", "cpe:/o:mandrakesoft:mandrake_linux:8.1"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T11:37:00", "description": "Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (\").", "edition": 3, "cvss3": {}, "published": "2002-12-11T05:00:00", "title": "CVE-2002-1320", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2002-1320"], "modified": "2016-10-18T02:25:00", "cpe": ["cpe:/a:university_of_washington:pine:4.21", "cpe:/a:university_of_washington:pine:4.0.2", "cpe:/a:university_of_washington:pine:3.98", "cpe:/a:university_of_washington:pine:4.0.4", "cpe:/a:university_of_washington:pine:4.20", "cpe:/a:university_of_washington:pine:4.44", "cpe:/a:university_of_washington:pine:4.30", "cpe:/a:university_of_washington:pine:4.10", "cpe:/a:university_of_washington:pine:4.33"], "id": "CVE-2002-1320", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1320", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:university_of_washington:pine:3.98:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.20:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.33:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.10:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.21:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.0.4:*:*:*:*:*:*:*", 
"cpe:2.3:a:university_of_washington:pine:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.44:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:46:51", "bulletinFamily": "unix", "cvelist": ["CVE-2002-1320"], "description": "Pine, developed at the University of Washington, is a tool for reading,\nsending, and managing electronic messages (including mail and news).\n\nA security problem was found in versions of Pine 4.44 and earlier. In these\nverions, Pine does not allocate enough memory for the parsing and escaping\nof the \"From\" header, allowing a carefully crafted email to cause a\nbuffer overflow on the heap. This will result in Pine crashing.\n\nAll users of Pine on Red Hat Linux Advanced Server are advised to\nupdate to these errata packages containing a patch to version 4.44\nof Pine that fixes this vulnerability.", "modified": "2018-03-14T19:26:55", "published": "2003-02-06T05:00:00", "id": "RHSA-2002:271", "href": "https://access.redhat.com/errata/RHSA-2002:271", "type": "redhat", "title": "(RHSA-2002:271) pine security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:01", "bulletinFamily": "software", "cvelist": ["CVE-2002-1320"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.washington.edu/pine/\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2\nISS X-Force ID: 10555\n[CVE-2002-1320](https://vulners.com/cve/CVE-2002-1320)\nBugtraq ID: 6120\n", "modified": "2002-11-07T00:00:00", "published": "2002-11-07T00:00:00", "id": "OSVDB:6948", "href": "https://vulners.com/osvdb/OSVDB:6948", "title": "Pine Malformed From: Header DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1320"], "description": "The remote host is 
missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-28T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52524", "href": "http://plugins.openvas.org/nasl.php?oid=52524", "type": "openvas", "title": "FreeBSD Ports: pine, zh-pine, iw-pine", "sourceData": "#\n#VID 5abfee2d-5d82-11d8-80e3-0020ed76ef5a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n pine\n zh-pine\n iw-pine\n\nCVE-2002-1320\nPine 4.44 and earlier allows remote attackers to cause a denial of\nservice (core dump and failed restart) via an email message with a\nFrom header that contains a large number of quotation marks (').\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2\nhttp://www.vuxml.org/freebsd/5abfee2d-5d82-11d8-80e3-0020ed76ef5a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52524);\n script_version(\"$Revision: 4164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-28 09:03:16 +0200 (Wed, 28 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(6120);\n script_cve_id(\"CVE-2002-1320\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: pine, zh-pine, iw-pine\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"pine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.50\")<0) {\n txt += 'Package pine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"zh-pine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.50\")<0) {\n txt += 'Package zh-pine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"iw-pine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.50\")<0) {\n txt += 'Package iw-pine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:59:52", "bulletinFamily": "unix", "cvelist": ["CVE-2002-1320"], "description": "Pine, Program for Internet News and Email, is a well known and widely used eMail client. While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part of an address. This results in a buffer overflow on the heap that will make pine crash. 
The offending eMail can just be deleted manually or by using another mail user agent.", "edition": 1, "modified": "2002-11-25T11:03:55", "published": "2002-11-25T11:03:55", "id": "SUSE-SA:2002:046", "href": "http://lists.opensuse.org/opensuse-security-announce/2002-11/msg00011.html", "title": "remote denial-of-service in pine", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:44:16", "bulletinFamily": "info", "cvelist": ["CVE-2002-1320"], "description": "### Overview \n\n[Pine](<http://www.washington.edu/pine/>) is a mail user agent (MUA) written and distributed by the [University of Washington](<http://www.washington.edu/>). Some versions contain a buffer overflow vulnerability in email address handling.\n\n### Description \n\nVersions of [](<http://www.washington.edu/pine/>)Pine prior to 4.50 contain a remotely exploitable buffer overflow in the `addr_list_string()` function. Due to incorrect calculation of string length in `est_size()`, a message From: header that contains a long string of escaped characters can cause a buffer being used by the `addr_list_string()` function to overflow. It is important to note that the From: header is under full control of the remote user sending mail and as such can contain any characters that they supply. \n \n--- \n \n### Impact \n\nAn attacker can construct a message with a crafted From: header that will cause Pine to crash with a segmentation fault, possibly resulting in a core dump. Pine users may be unable to restart the application if messages containing the crafted From: headers appear in mailboxes that Pine is configured to check at startup.\n\nAdditionally, it may be possible for intruders to execute code on the heap of systems using vulnerable versions of the software. The code would be executed in the context of the user running the Pine program. 
\n \n--- \n \n### Solution \n\nPine 4.50 has been released and contains a patch for this vulnerability. Users of versions earlier than 4.50 are encouraged to upgrade. \n \n--- \n \n \n**Workarounds** \n \nIt may be possible to filter messages containing headers that exploit this vulnerability before they are delivered to mailboxes that Pine reads by using a tool such as [Procmail ](<http://www.procmail.org/>)or [Sieve](<http://www.cyrusoft.com/sieve/>). \n \nUsers of vulnerable versions of Pine may be able to delete existing messages containing the malicious From: headers either manually or from another mail client. \n \n--- \n \n### Vendor Information\n\n780737\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Conectiva __ Affected\n\nUpdated: December 06, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nConectiva's statement can be found in Conectiva Linux Security Announcement [CLA-2002:551](<http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551>).\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: December 03, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`It is recommended that all Gentoo Linux users who are running \nnet-mail/pine-4.44-r5 and earlier update their systems as follows: \n`\n\n`emerge rsync \nemerge pine \nemerge clean`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments 
at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### Guardian Digital Inc. __ Affected\n\nUpdated: December 06, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nGuardian Digital Inc.'s statement can be found in EnGarde Secure Linux Security Advisory [ESA-20021127-032](<http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html>).\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### MandrakeSoft __ Affected\n\nUpdated: December 06, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nMandrakeSoft's statement can be found in Mandrake Linux Security Advisory [MDKSA-2002:084](<http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:084>).\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### Red Hat Inc. 
__ Affected\n\nUpdated: January 09, 2003 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nRed Hat Inc.'s statement can be found in Red Hat Security Advisory [RHSA-2002:270-16](<https://rhn.redhat.com/errata/RHSA-2002-270.html>)\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### SuSE Inc. __ Affected\n\nUpdated: December 06, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSuSE Inc.'s statement can be found in SuSE Security Announcement [SuSE-SA:2002:046](<http://www.suse.de/de/security/2002_046_pine.html>).\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n### University of Washington __ Affected\n\nNotified: December 04, 2002 Updated: December 05, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`The fix is to upgrade to Pine version >= 4.50.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23780737 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.securityfocus.com/bid/6120>\n * 
<http://online.securityfocus.com/archive/1/298782>\n * <http://online.securityfocus.com/archive/82/299156>\n\n### Acknowledgements\n\nThanks to Linus Sj\uf6berg for reporting this vulnerability.\n\nThis document was written by Chad R Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2002-1320](<http://web.nvd.nist.gov/vuln/detail/CVE-2002-1320>) \n---|--- \n**Severity Metric:** | 10.94 \n**Date Public:** | 2002-11-07 \n**Date First Published:** | 2002-12-09 \n**Date Last Updated: ** | 2003-01-09 15:51 UTC \n**Document Revision: ** | 14 \n", "modified": "2003-01-09T15:51:00", "published": "2002-12-09T00:00:00", "id": "VU:780737", "href": "https://www.kb.cert.org/vuls/id/780737", "type": "cert", "title": "Pine MUA contains buffer overflow in addr_list_string()", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2016-09-26T17:26:12", "description": "The following package needs to be updated: iw-pine", "edition": 1, "published": "2004-07-06T00:00:00", "type": "nessus", "title": "FreeBSD : pine remote denial-of-service attack (150)", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1320"], "modified": "2004-07-06T00:00:00", "id": "FREEBSD_PINE_450.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=12601", "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated by freebsd_pkg_5abfee2d5d8211d880e30020ed76ef5a.nasl.\n#\n# Disabled on 2011/10/02.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This script contains information extracted from VuXML :\n#\n# Copyright 2003-2006 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. 
Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n#\n#\n\ninclude('compat.inc');\n\nif ( description )\n{\n script_id(12601);\n script_version(\"$Revision: 1.10 $\");\n script_cve_id(\"CVE-2002-1320\");\n\n script_name(english:\"FreeBSD : pine remote denial-of-service attack (150)\");\n\nscript_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');\nscript_set_attribute(attribute:'description', value:'The following package needs to be updated: iw-pine');\nscript_set_attribute(attribute: 'cvss_vector', value: 'CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P');\nscript_set_attribute(attribute:'solution', value: 'Update the package on the remote host');\nscript_set_attribute(attribute: 'see_also', value: 
'http://secunia.com/advisories/12857/\nhttp://secunia.com/advisories/9096\nhttp://securitytracker.com/alerts/2004/Oct/1011673.html\nhttp://securitytracker.com/id?1015619\nhttp://www.frsirt.com/english/advisories/2006/0554\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-60.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-61.html\nhttp://www.securiteam.com/unixfocus/5CP0N0UAAA.html\nhttp://www.ssh.com/company/newsroom/article/715/\nhttp://x82.inetcop.org/h0me/adv1sor1es/INCSA.2003-0x82-018-GNATS-bt.txt');\nscript_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/5abfee2d-5d82-11d8-80e3-0020ed76ef5a.html');\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/07/06\");\n script_end_attributes();\n script_summary(english:\"Check for iw-pine\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"FreeBSD Local Security Checks\";\n script_family(english:family[\"english\"]);\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/FreeBSD/pkg_info\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. 
Refer to plugin #37439 (freebsd_pkg_5abfee2d5d8211d880e30020ed76ef5a.nasl) instead.\");\n\nglobal_var cvss_score;\ncvss_score=5;\ninclude('freebsd_package.inc');\n\n\npkg_test(pkg:\"pine<4.50\");\n\npkg_test(pkg:\"zh-pine<4.50\");\n\npkg_test(pkg:\"iw-pine<4.50\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-01-07T10:44:08", "description": "An attacker may send a specially-formatted email message that will\ncause pine to crash.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "FreeBSD : pine remote denial-of-service attack (5abfee2d-5d82-11d8-80e3-0020ed76ef5a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1320"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:iw-pine", "p-cpe:/a:freebsd:freebsd:zh-pine", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:pine"], "id": "FREEBSD_PKG_5ABFEE2D5D8211D880E30020ED76EF5A.NASL", "href": "https://www.tenable.com/plugins/nessus/37439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37439);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2002-1320\");\n\n script_name(english:\"FreeBSD : pine remote denial-of-service attack (5abfee2d-5d82-11d8-80e3-0020ed76ef5a)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An attacker may send a specially-formatted email message that will\ncause pine to crash.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://marc.info/?l=bugtraq&m=103668430620531&w=2\"\n );\n # https://vuxml.freebsd.org/freebsd/5abfee2d-5d82-11d8-80e3-0020ed76ef5a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?670455a0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:iw-pine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:pine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zh-pine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"pine<4.50\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zh-pine<4.50\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"iw-pine<4.50\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:05:14", "description": "A vulnerability in Pine version 4.44 and earlier releases can cause\nPine to crash when sent a carefully crafted email.\n\n[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation\n2.1\n\nPine, developed at the University of Washington, is a tool for\nreading, sending, and managing electronic messages (including mail and\nnews).\n\nA security problem was found in versions of Pine 4.44 and earlier. In\nthese versions, Pine does not allocate enough memory for the parsing\nand escaping of the 'From' header, allowing a carefully crafted email\nto cause a buffer overflow on the heap. 
This will result in Pine\ncrashing.\n\nAll users of Pine on Red Hat Linux Advanced Server are advised to\nupdate to these errata packages containing a patch to version 4.44 of\nPine that fixes this vulnerability.", "edition": 28, "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 : pine (RHSA-2002:271)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1320"], "modified": "2004-07-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:pine"], "id": "REDHAT-RHSA-2002-271.NASL", "href": "https://www.tenable.com/plugins/nessus/12338", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2002:271. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(12338);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2002-1320\");\n script_xref(name:\"RHSA\", value:\"2002:271\");\n\n script_name(english:\"RHEL 2.1 : pine (RHSA-2002:271)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability in Pine version 4.44 and earlier releases can cause\nPine to crash when sent a carefully crafted email.\n\n[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation\n2.1\n\nPine, developed at the University of Washington, is a tool for\nreading, sending, and managing electronic messages (including mail and\nnews).\n\nA security problem was found in versions of Pine 4.44 and earlier. 
In\nthese verions, Pine does not allocate enough memory for the parsing\nand escaping of the 'From' header, allowing a carefully crafted email\nto cause a buffer overflow on the heap. This will result in Pine\ncrashing.\n\nAll users of Pine on Red Hat Linux Advanced Server are advised to\nupdate to these errata packages containing a patch to version 4.44 of\nPine that fixes this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.washington.edu/pine/changes/4.44-to-4.50.html\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=103668430620531&w=2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2002:271\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pine package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2002:271\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"pine-4.44-7.21AS.0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + 
redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pine\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2016-02-02T17:43:10", "description": "Pine 4.x From: Field Heap Corruption Vulnerability. CVE-2002-1320 . Dos exploit for linux platform", "published": "2002-11-07T00:00:00", "type": "exploitdb", "title": "Pine 4.x From: Field Heap Corruption Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2002-1320"], "modified": "2002-11-07T00:00:00", "id": "EDB-ID:21985", "href": "https://www.exploit-db.com/exploits/21985/", "sourceData": "source: http://www.securityfocus.com/bid/6120/info\r\n\r\nA heap corruption may occur when Pine receives an email message containing a particularly crafted \"From:\" address. Though the address is RFC compliant, Pine reportedly fails to parse it correctly, resulting in a core dump. Execution of arbitrary code may be possible. \r\n\r\n\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\\\"\"@host.fubar ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/21985/"}], "freebsd": [{"lastseen": "2019-05-29T18:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2002-1320"], "description": "\nAn attacker may send a specially-formatted email message\n\t that will cause pine to crash.\n", "edition": 4, "modified": "2002-10-23T00:00:00", "published": "2002-10-23T00:00:00", "id": "5ABFEE2D-5D82-11D8-80E3-0020ED76EF5A", "href": "https://vuxml.freebsd.org/freebsd/5abfee2d-5d82-11d8-80e3-0020ed76ef5a.html", "title": "pine remote denial-of-service attack", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}