Re: Pine 4.33 (at least) URL handler allows embedded commands.

From: Roman Drahtmueller (drahtat_private)
Date: Mon Jan 07 2002 - 05:01:05 PST


    > > Problem:		URL handler allows embedded commands.
    > > 			May allow email viruses of the Outlook kind.
    >
    > >   http://address/'&/some/program${IFS}with${IFS}arguments&'
    >
    > Isn't that old news? http://www.securityfocus.com/bid/810
    >
    > I *can* be wrong, but it looks like it is the same problem...
    
    SuSE pine packages contain a patch that makes pine use environment
    variables to pass on the URL to the viewer. The patch is attached - I'm
    not sure who made it, but it looks like it is from Olaf Kirch.
    
    Roman.
    -- 
     -                                                                      -
    | Roman Drahtmüller      <drahtat_private> // "You don't need eyes to see, |
      SuSE GmbH - Security           Phone: //             you need vision!"
    | Nürnberg, Germany     +49-911-740530 //           Maxi Jazz, Faithless |
     -                                                                      -
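
The approach the message describes, passing the URL to the viewer through an environment variable instead of pasting it into the shell command text, shown beside the interpolating form as an added example (this is not the SuSE patch and not Pine's code). The `printf` stand-in for the viewer, the variable name `URL_TO_VIEW` and the sample URL are assumptions constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Run cmd through /bin/sh and capture its stdout into out (NUL-terminated). */
static int run_capture(const char *cmd, char *out, size_t n) {
    FILE *p = popen(cmd, "r");
    if (!p) return -1;
    size_t got = fread(out, 1, n - 1, p);
    out[got] = '\0';
    return pclose(p);
}

/* Before: the URL is pasted into the shell command text. A single quote in
 * the URL ends the quoted argument; the rest is parsed as shell syntax. */
int view_url_interpolated(const char *url, char *out, size_t n) {
    char cmd[1024];
    int len = snprintf(cmd, sizeof cmd, "printf '%%s\\n' '%s'", url);
    if (len < 0 || (size_t)len >= sizeof cmd) return -1;
    return run_capture(cmd, out, n);
}

/* After: the command text is constant. The URL travels in the environment
 * and the shell expands it inside double quotes, so it stays one argument.
 * URL_TO_VIEW is a hypothetical variable name chosen for this example. */
int view_url_env(const char *url, char *out, size_t n) {
    if (setenv("URL_TO_VIEW", url, 1) != 0) return -1;
    int rc = run_capture("printf '%s\\n' \"$URL_TO_VIEW\"", out, n);
    unsetenv("URL_TO_VIEW");
    return rc;
}

/* Constructed sample URL in the style quoted above; it only echoes a marker. */
static const char SAMPLE_URL[] = "http://example.invalid/';echo${IFS}INJECTED;#";

int main(void) {
    char a[256], b[256];
    view_url_interpolated(SAMPLE_URL, a, sizeof a);
    view_url_env(SAMPLE_URL, b, sizeof b);
    printf("interpolated:\n%senvironment:\n%s", a, b);
    return 0;
}
```

The environment form is only safe while the viewer command keeps the expansion inside double quotes; an unquoted `$URL_TO_VIEW` would still be field-split by the shell.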
    
    
    



    This archive was generated by hypermail 2b30 : Tue Jan 08 2002 - 08:05:24 PST