Vulnerabilities > CVE-2003-0720 - Unspecified vulnerability in University of Washington Pine

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
university-of-washington
nessus
exploit available

Summary

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.

Exploit-Db

descriptionPine <= 4.56 Remote Buffer Overflow Exploit. CVE-2003-0720. Remote exploit for linux platform
idEDB-ID:99
last seen2016-01-31
modified2003-09-16
published2003-09-16
reportersorbo
sourcehttps://www.exploit-db.com/download/99/
titlePine <= 4.56 - Remote Buffer Overflow Exploit

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_39BD57E65D8311D880E30020ED76EF5A.NASL
    descriptionPine versions prior to 4.58 are affected by two vulnerabilities discovered by iDEFENSE, a buffer overflow in mailview.c and an integer overflow in strings.c. Both vulnerabilities can result in arbitrary code execution when processing a malicious message.
    last seen2020-06-01
    modified2020-06-02
    plugin id37712
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37712
    titleFreeBSD : pine remotely exploitable vulnerabilities (39bd57e6-5d83-11d8-80e3-0020ed76ef5a)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2003-274.NASL
    descriptionUpdated Pine packages that resolve remotely exploitable security issues are now available. Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages (including mail and news). A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the
    last seen2020-06-01
    modified2020-06-02
    plugin id12420
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12420
    titleRHEL 2.1 : pine (RHSA-2003:274)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PINE_458.NASL
    descriptionThe following package needs to be updated: iw-pine
    last seen2016-09-26
    modified2004-07-06
    plugin id12602
    published2004-07-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=12602
    titleFreeBSD : pine remotely exploitable vulnerabilities (151)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2003_037.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2003:037 (pine). The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing
    last seen2020-06-01
    modified2020-06-02
    plugin id13805
    published2004-07-25
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13805
    titleSUSE-SA:2003:037: pine

Oval

accepted2007-04-25T19:52:33.417-04:00
classvulnerability
contributors
  • nameJay Beale
    organizationBastille Linux
  • nameJay Beale
    organizationBastille Linux
  • nameThomas R. Jones
    organizationMaitreya Security
descriptionBuffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
familyunix
idoval:org.mitre.oval:def:499
statusaccepted
submitted2003-09-12T12:00:00.000-04:00
titlePINE Buffer Overflow
version36

Redhat

advisories
  • rhsa
    idRHSA-2003:273
  • rhsa
    idRHSA-2003:274