Pine <= 4.56 Remote Buffer Overflow Exploit

No description provided by source. / Mon Sep 15 09:35:01 CEST 2003 remote? Pine = 4.56 exploit by sorbo sorbox yahoo com darkirco Ok won't talk much about the bug since as usual idefense advisories are proper advisories and explain everything... exploiting the bug is trivial after reading the adv...

Pine <= 4.56 Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits =========================================== Pine eip/ebp this can actually be "bruteforced" I didn't show this since this is a PoC and uses "exact offsets" All u do is supply multiple charsets and overwrite larger areas of memory This makes...

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

CVE-2003-0721

CVE-2003-0721 affects the Pine mail client, with a vulnerability in rfc2231_get_param() in strings.c that allows remote code execution via a crafted email, caused by an integer signedness/out-of-bounds issue. Affected versions are Pine prior to 4.58; multiple advisories (Red Hat RHSA-2003:274, SU...

CVE-2003-0720

CVE-2003-0720 concerns PINE, a mail client, with a buffer overflow vulnerability in the handling of the message/external-body MIME type. Affected software is PINE prior to version 4.58. The issue allows remote attackers to execute arbitrary code when a user processes a specially crafted e‑mail, p...

CVE-2003-0720

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type...

CVE-2003-0720

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type...

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

PT-2003-1817 · Washington University · Pine

Name of the Vulnerable Software and Affected Versions: PINE versions prior to 4.58 Description: The issue is related to an integer signedness error in the rfc2231 get param function from strings.c. This error allows remote attackers to execute arbitrary code via an email that causes an...

Important: Red Hat Security Advisory: : Updated pine packages fix vulnerabilities

Updated Pine packages that resolve remotely exploitable security issues are now available. Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages including mail and news. A buffer overflow exists in the way unpatched versions of Pine prio...

Important: Red Hat Security Advisory: pine security update

Updated Pine packages that resolve remotely exploitable security issues are now available. Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages including mail and news. A buffer overflow exists in the way unpatched versions of Pine prio...

Multiple pine bugs

Buffer overflows, integer overflows...

iDEFENSE Security Advisory 09.10.03: Two Exploitable Overflows in PINE

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 09.10.03: http://www.idefense.com/advisory/09.10.03.txt Two Exploitable Overflows in PINE September 10, 2003 I. BACKGROUND PINE The Program for Internet News & Email is a popular e-mail client shipped with many Linux and Uni...

security issues in pine

Upgraded pine packages are available for Slackware 8.1, 9.0 and - -current. These fix two security problems found by iDEFENSE Labs which could lead to arbitrary code execution when a specially crafted email is processed by Pine. This problem is fixed in Pine 4.58. Sites which use the Pine mail...

pine remotely exploitable vulnerabilities

Pine versions prior to 4.58 are affected by two vulnerabilities discovered by iDEFENSE, a buffer overflow in mailview.c and an integer overflow in strings.c. Both vulnerabilities can result in arbitrary code execution when processing a malicious message...

CVE-2002-0014

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters &...

CVE-2002-0014

CVE-2002-0014 affects Pine up to version 4.43 and earlier. The vulnerability lies in URL-handling code that allows remote attackers to execute arbitrary commands when a URL enclosed in single quotes and containing shell metacharacters is processed. Impact is remote code execution with network acc...

Moderate: Red Hat Security Advisory: : : : Updated pine packages available

A vulnerability in Pine version 4.44 and earlier releases can cause Pine to crash when sent a carefully crafted email. Updated 04 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. Pine, developed at the University of Washington, is a tool for reading, sending, and...

Moderate: Red Hat Security Advisory: pine security update

A vulnerability in Pine version 4.44 and earlier releases can cause Pine to crash when sent a carefully crafted email. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic...

CVE-2002-1903

Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information...