Vulnerabilities > CVE-2003-0721 - Improper Validation of Array Index vulnerability in Washington Pine
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_39BD57E65D8311D880E30020ED76EF5A.NASL description Pine versions prior to 4.58 are affected by two vulnerabilities discovered by iDEFENSE, a buffer overflow in mailview.c and an integer overflow in strings.c. Both vulnerabilities can result in arbitrary code execution when processing a malicious message. last seen 2020-06-01 modified 2020-06-02 plugin id 37712 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/37712 title FreeBSD : pine remotely exploitable vulnerabilities (39bd57e6-5d83-11d8-80e3-0020ed76ef5a) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2003-274.NASL description Updated Pine packages that resolve remotely exploitable security issues are now available. Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages (including mail and news). A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the last seen 2020-06-01 modified 2020-06-02 plugin id 12420 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12420 title RHEL 2.1 : pine (RHSA-2003:274) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PINE_458.NASL description The following package needs to be updated: iw-pine last seen 2016-09-26 modified 2004-07-06 plugin id 12602 published 2004-07-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=12602 title FreeBSD : pine remotely exploitable vulnerabilities (151) NASL family SuSE Local Security Checks NASL id SUSE_SA_2003_037.NASL description The remote host is missing the patch for the advisory SUSE-SA:2003:037 (pine). The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing last seen 2020-06-01 modified 2020-06-02 plugin id 13805 published 2004-07-25 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13805 title SUSE-SA:2003:037: pine
Oval
| accepted | 2007-04-25T19:52:33.657-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| description | Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:503 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2003-09-12T12:00:00.000-04:00 | ||||||||||||
| title | Integer Signedness Error in PINE | ||||||||||||
| version | 36 |
Redhat
| advisories |
|
References
- http://www.idefense.com/advisory/09.10.03.txt
- http://www.redhat.com/support/errata/RHSA-2003-273.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009850.html
- http://www.redhat.com/support/errata/RHSA-2003-274.html
- http://marc.info/?l=bugtraq&m=106329356702508&w=2
- http://marc.info/?l=bugtraq&m=106367213400313&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A503