Lucene search
K

155 matches found

CVE
CVE
added 2000/07/12 4:0 a.m.62 views

CVE-2000-0352

Technical details about CVE-2000-0352 are not provided in the connected documents. The initial entry lists the Pine vulnerability but no additional specifics. Monitor for updates.

10CVSS8AI score0.03509EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2000/07/12 4:0 a.m.58 views

CVE-2000-0353

Pine 4.x is affected by CVE-2000-0353. A remote attacker can trigger arbitrary commands by providing an index.html that executes lynx to fetch a uudecoded file from a malicious web server, which is then executed by Pine. Impact is described as full confidentiality, integrity, and availability com...

10CVSS7.9AI score0.03877EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2000/07/12 4:0 a.m.28 views

CVE-2000-0353

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine...

7.5AI score0.03877EPSS
Exploits1References4
securityvulns
securityvulns
added 2000/05/29 12:0 a.m.50 views

Выполнение команд через pine

К письму может быть прикреплен файл, содержащий скрипт, который будет выполнен с привилегиями пользователя pine...

0.4AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 1999/11/23 12:0 a.m.43 views

pine.420.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I reported the vulnerability below to the Pine team on Oct 21, when 4.20 was current. 4.21 which I just noticed on freshmeat seems to fix the problem even though it's not mentioned in the release notes. Since it's not, I thought some disclosure was in...

7.4AI score
Exploits0
NVD
NVD
added 1999/11/18 5:0 a.m.14 views

CVE-2000-0352

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL...

10CVSS7.7AI score0.03509EPSS
Exploits0References4
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.47 views

pine.4.xx.lockfile.txt

Date: Sun, 5 Mar 1999 01:41:25 +0100 From: Michal Zalewski Lockfile vunerability in pine 4.xx Linux The problem is probably well known, but silently ignored by pine vendors. Unfortunately, it's possible to turn 'mostly harmless feature' in something nasty - following code allows various DoSes by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.28 views

pine4.10-remote.txt

Date: Mon, 8 Feb 1999 00:22:17 +0100 From: Michal Zalewski To: [email protected] Subject: remote exploit on pine 4.10 - neverending story? Affected systems: ----------------- Any Unx system running 'pine' up to version 4.10 latest. Compromise: ----------- Remote execution of arbitrary code whe...

Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.33 views

pinepolicy.txt

Date: Mon, 7 Sep 1998 12:18:28 +0100 From: Chris Wilson Hey people, I've discovered a vulnerability in Pine, tested on version 3.95q, but which probably applies to all versions up to 4.02. This vulnerability allows users to bypass site policies and use Pine to run arbitrary commands in the user's...

Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.47 views

ipop3d.4.xx.lockfile.DoS.txt

Date: Sun, 7 Mar 1999 01:41:25 +0100 From: Michal Zalewski Lockfile vunerability in ipop3d 4.xx The problem is probably well known, but silently ignored by pine vendors. Unfortunately, it's possible to turn 'mostly harmless feature' in something nasty - following code allows various DoSes by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.62 views

hhp-pine_adv0004.txt

The hhp presents... The hhp-pine remote exploit advisory. 6/22/99 By: elaich aka LoopHole of the hhp. http://hhp.hemp.net/ --------------------------------------------------------- A few months ago I found a bigger problem with the charset bug then imagined. With a uuencode/uudecode method in the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.22 views

pine-bof-10000.txt

Date: Mon, 8 Feb 1999 21:19:29 +0000 From: Chris Evans To: [email protected] Subject: Pine again : Hi, PINE seems to be flavour of the month so I'll add to Michal's post. This is much less serious than Michal's problem but probably noteworthy anyway. PINE can be made to crash if /var/spool/mai...

Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.34 views

pine.4.xx.bof.txt

Date: Sun, 7 Mar 1999 01:41:25 +0100 From: Michal Zalewski Overflow in pine 4.xx Linux pine 4.xx, at least on Linux platform, have serious security hole. When data is read from so-called mailbox lock created in /tmp directory this happens under certain conditions - please refer exploit code below...

0.1AI score
Exploits0
NVD
NVD
added 1999/06/28 4:0 a.m.22 views

CVE-2000-0353

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine...

10CVSS7.5AI score0.03877EPSS
Exploits1References4
NVD
NVD
added 1996/08/26 4:0 a.m.11 views

CVE-1999-1187

Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail...

4.6CVSS0.00307EPSS
Exploits0References2
Rows per page
Query Builder