Family: Red Hat Local Security Checks --> Category: infos
RHSA-2002-271: pine Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the pine packages
Detailed Explanation for this Vulnerability Test
A vulnerability in Pine version 4.44 and earlier releases can cause
Pine to crash when sent a carefully crafted email.
[Updated 06 Feb 2003]
Added fixed packages for Advanced Workstation 2.1
Pine, developed at the University of Washington, is a tool for reading,
sending, and managing electronic messages (including mail and news).
A security problem was found in versions of Pine 4.44 and earlier. In these
verions, Pine does not allocate enough memory for the parsing and escaping
of the "From" header, allowing a carefully crafted email to cause a
buffer overflow on the heap. This will result in Pine crashing.
All users of Pine on Red Hat Linux Advanced Server are advised to
update to these errata packages containing a patch to version 4.44
of Pine that fixes this vulnerability.
Solution : http://rhn.redhat.com/errata/RHSA-2002-271.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.