Vulnerabilities > CVE-2003-0720 - Unspecified vulnerability in University of Washington Pine
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
Vulnerable Configurations
Exploit-Db
| description | Pine <= 4.56 Remote Buffer Overflow Exploit. CVE-2003-0720. Remote exploit for linux platform |
| id | EDB-ID:99 |
| last seen | 2016-01-31 |
| modified | 2003-09-16 |
| published | 2003-09-16 |
| reporter | sorbo |
| source | https://www.exploit-db.com/download/99/ |
| title | Pine <= 4.56 - Remote Buffer Overflow Exploit |
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_39BD57E65D8311D880E30020ED76EF5A.NASL description Pine versions prior to 4.58 are affected by two vulnerabilities discovered by iDEFENSE, a buffer overflow in mailview.c and an integer overflow in strings.c. Both vulnerabilities can result in arbitrary code execution when processing a malicious message. last seen 2020-06-01 modified 2020-06-02 plugin id 37712 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/37712 title FreeBSD : pine remotely exploitable vulnerabilities (39bd57e6-5d83-11d8-80e3-0020ed76ef5a) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-274.NASL description Updated Pine packages that resolve remotely exploitable security issues are now available. Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages (including mail and news). A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the last seen 2020-06-01 modified 2020-06-02 plugin id 12420 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12420 title RHEL 2.1 : pine (RHSA-2003:274) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PINE_458.NASL description The following package needs to be updated: iw-pine last seen 2016-09-26 modified 2004-07-06 plugin id 12602 published 2004-07-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=12602 title FreeBSD : pine remotely exploitable vulnerabilities (151) NASL family SuSE Local Security Checks NASL id SUSE_SA_2003_037.NASL description The remote host is missing the patch for the advisory SUSE-SA:2003:037 (pine). The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing last seen 2020-06-01 modified 2020-06-02 plugin id 13805 published 2004-07-25 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13805 title SUSE-SA:2003:037: pine
Oval
| accepted | 2007-04-25T19:52:33.417-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| description | Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:499 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2003-09-12T12:00:00.000-04:00 | ||||||||||||
| title | PINE Buffer Overflow | ||||||||||||
| version | 36 |
Redhat
| advisories |
|
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0099.html
- http://marc.info/?l=bugtraq&m=106322571805153&w=2
- http://marc.info/?l=bugtraq&m=106329356702508&w=2
- http://www.idefense.com/advisory/09.10.03.txt
- http://www.redhat.com/support/errata/RHSA-2003-273.html
- http://www.redhat.com/support/errata/RHSA-2003-274.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A499