Pine display_parameters buffer overflow

pine-display-parameters-bo (13150)

High Risk

Description:

Pine (Program for Internet News & Email) is vulnerable to a buffer overflow, caused by improper bounds checking in the display_parameters. By sending an email message with an overly long name attribute, a remote attacker could overflow a buffer and execute arbitrary code on the system, once the victim opens the malicious email.

Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Pine (4.58 or later), available from the University of Washington Web site. See References.

For Red Hat Linux:
Upgrade to the latest pine package, as listed below. Refer to RHSA-2003:273-04 for more information. See References.

Red Hat 7.1: 4.44-19.71.0 or later
Red Hat 7.2: 4.44-19.72.0 or later
Red Hat 7.3: 4.44-19.73.0 or later
Red Hat 8.0: 4.44-19.80.0 or later
Red Hat 9: 4.44-19.90.0 or later

For Red Hat Linux:
Upgrade to the latest pine package, as listed below. Refer to RHSA-2003:274-05 for more information. See References.

Red Hat Enterprise Linux 2.1AS, 2.1ES, 2.1WS and Red Hat Linux Advanced Workstation 2.1: 4.44-19.21AS or later

For SuSE Linux:
Upgrade to the latest pine package, as listed below. Refer to SuSE Security Announcement SuSE-SA:2003:037 for more information. See References.

SuSE Linux 8.2 (Intel): 4.53-109 or later
SuSE Linux 8.1: 4.44-283 or later
SuSE Linux 8.0: 4.44-281 or later
SuSE Linux 7.3: 4.33-280 or later
SuSE Linux 7.2: 4.33-279 or later
SuSE Linux 7.3 (Sparc): 4.33-101 or later
SuSE Linux 7.3 (PPC): 4.33-153 or later

For Slackware Linux:
Upgrade to the latest pine package, as listed below. Refer to slackware-security Mailing List, Wed Sep 10 20:47:53 PDT 2003 for more information. See References.

Slackware Linux 8.1, 9.0, and -current: 4.58 or later

For Conectiva Linux:
Upgrade to the latest pine package, as listed below. Refer to Conectiva Linux Security Announcement CLSA-2003:738 for more information. See References.

Conectiva Linux 7.0: 4.50L-1U70_2cl or later
Conectiva Linux 8: 4.50L-1U80_2cl or later
Conectiva Linux 9: 4.53L-22751U90_1cl or later

For EnGarde Secure Linux Community Edition and Professional Edition:
Upgrade to the latest pine package (4.50-1.0.10 or later), as listed in Guardian Digital Security Advisory ESA-20030911-022. See References.

For Turbolinux:
Upgrade to the latest pine package (4.58-2 or later), as listed in Turbolinux Security Advisory TLSA-2003-57. See References.

For SGI IRIX:
Apply the patch for this vulnerability, as listed in SGI Security Advisory 20031002-01-U. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

• BugTraq Mailing List, Wed Sep 10 2003 - 15:03:04 CDT : Two Exploitable Overflows in PINE.
• Conectiva Linux Security Announcement CLSA-2003:738: pine.
• Guardian Digital Security Advisory ESA-20030911-022: pine. (From LinuxSecurity archive)
• iDEFENSE Security Advisory 09.10.03: Two Exploitable Overflows in PINE.
• SGI Security Advisory 20031002-01-U: SGI Advanced Linux Environment security update #3.
• slackware-security Mailing List, Wed Sep 10 20:47:53 PDT 2003: security issues in pine (SSA:2003-253-01).
• University of Washington Web site: Pine Information Center.
• BID-8588: Pine Message/External-Body Type Attribute Buffer Overflow Vulnerability
• CVE-2003-0720: Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
• RHSA-2003-273: Updated pine packages fix vulnerabilities
• RHSA-2003-274: pine security update
• SUSE-SA:2003:037: pine: remote code execution

Platforms Affected:

• Conectiva Linux 7.0
• Conectiva Linux 8.0
• Conectiva Linux 9.0
• EngardeLinux Secure Community 1.0.1
• EngardeLinux Secure Linux
• EngardeLinux Secure Professional
• Novell SuSE Linux Enterprise Server 7.0
• RedHat Enterprise Linux 2.1 AW
• RedHat Enterprise Linux 2.1 WS
• RedHat Enterprise Linux 2.1 ES
• RedHat Enterprise Linux 2.1 AS
• RedHat Linux 7
• RedHat Linux 7.1
• RedHat Linux 7.2
• RedHat Linux 7.3
• RedHat Linux 8.0
• RedHat Linux 9.0
• RedHat Linux Advanced Workstation 2.1 Itanium
• SGI IRIX 2.2.1
• SGI IRIX 2.3
• Slackware Slackware Linux 8.1
• Slackware Slackware Linux 9.0
• Slackware Slackware Linux current
• SuSE Linux Enterprise Server 8
• SuSE SuSE eMail Server 3.1
• SuSE SuSE eMail Server III
• SUSE SuSE Linux 7.2
• SUSE SuSE Linux 7.3
• SUSE SuSE Linux 8.0
• SUSE SuSE Linux 8.1
• SUSE SuSE Linux 8.2
• SuSE SuSE Linux Connectivity Server
• SuSE SuSE Linux Database Server
• SuSE SuSE Linux Desktop 1.0
• SuSE SuSE Linux Firewall
• SuSE SuSE Linux Office Server
• Turbolinux Turbolinux Workstation 6.0
• University of Washington Pine 4.56 and prior

Reported:

Sep 10, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page