Re: pine overflow

From: Kurt Seifried (bugtraqat_private)
Date: Sat Feb 23 2002 - 13:35:35 PST

Next message: Jay Beale: "Re: slocate bug."

Previous message: Onie Camara: "bypassing attachments"
In reply to: Rodrigo Barbosa: "Re: pine overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Stupid question: Is there even a small chance of it being exploitable ?

Based on pine's previous track record: yes.

A short list (there is more):

http://www.cert.org/advisories/CA-1998-09.html

http://www.linuxsecurity.com/advisories/slackware_advisory-1801.html

http://www.washington.edu/pine/changes/4.30-to-4.31.html
changelog entry: Fixed a few buffer overflow possibilities

grep the changelog for "buffer overflow". Yoikes. 
 
> []s
> 
> -- 
>  Rodrigo Barbosa                   - rodrigob at tisbrasil.com.br

Kurt Seifried, kurtat_private
A15B BEE5 B391 B9AD B0EF 
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.idefense.com/digest.html

Next message: Jay Beale: "Re: slocate bug."
Previous message: Onie Camara: "bypassing attachments"
In reply to: Rodrigo Barbosa: "Re: pine overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Feb 23 2002 - 14:49:31 PST