LWN.net Logo

Remotely exploitable vulnerability in pine

Package(s):pine CVE #(s):CAN-2002-0014
Created:May 21, 2002 Updated:November 27, 2002
Description: Pine has an unpleasant vulnerability in URL handling vulnerability which can lead to command execution by remote attackers. (First LWN report:  January 17th).

This vulnerability is remotely exploitable; updating is a good idea.

Note: If an update isn't yet available for your distribution, setting enable-msg-view-urls to "off" in pine's setup will avoid the vulnerability. (Thanks to Greg Herlein).

Alerts:
SuSE SuSE-SA:2002:046 2002-11-25
Yellow Dog YDU-20020127-8 2002-01-27
Slackware sl-1010936849 2002-01-13
Red Hat RHSA-2002:009-06 2002-01-14
EnGarde ESA-20020114-002 2002-01-14
Conectiva CLA-2002:460 2002-01-31

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds