Bugtraq mailing list archives
Re: [BUG] Vulnerability in PINE
From: rage () dimensional com (Rage-303.tr)
Date: Tue, 27 Aug 1996 14:23:25 -0600
On Mon, 26 Aug 1996, Sean B. Hamor wrote:
I verified the existence of this bug in PINE 3.91, however it had been fixed in 3.95. I don't know if 3.92, 3.93, or 3.94 are effected. Even though this bug has been fixed, I thought I'd still release this because many Linux installations still use PINE 3.91, and most machines I have accounts on still use PINE 3.91.
Verification: This vulnerability has been tested on the following platforms with the following versions of PINE: Linux Slackware 3.0 (1.2.13): PINE 3.91 FreeBSD 2.1.0-RELEASE: PINE 3.91 Problem has been fixed in PINE 3.95 under Linux Slackware 3.0 (1.2.13):
This still worked under PINE 9.93 under Slackware 3.1.0 (which comes with the Slackware96 realese) This did not work under SunOS 4.1.4 running PINE 9.94 So it looks as though it is a <9.94 bug.
Current thread:
- Privileges (was libresolv+ bug), (continued)
- Privileges (was libresolv+ bug) Paul McNabb (Aug 26)
- [BUG] Vulnerability in PINE Sean B. Hamor (Aug 26)
- Tired of /tmp? Here's a proposed solution Igor Chudov @ home (Aug 26)
- Re: Tired of /tmp? Here's a proposed solution Guido M. Witmond (Aug 27)
- Re: Tired of /tmp? Here's a proposed solution Thomas Koenig (Aug 28)
- Re: Tired of /tmp? Here's a proposed solution Sean B. Hamor (Aug 28)
- Re: Tired of /tmp? Here's a proposed solution mdr () vodka sse att com (Aug 28)
- Rlogin vulnerabilty Gabriele Avosani (Aug 28)
- Tired of /tmp? Here's a proposed solution Igor Chudov @ home (Aug 26)
- Re: Tired of /tmp? Here's a proposed solution Matthew J Brown (Aug 28)
- ftpbounce-0.1.tar.gz Rune Braathen (Aug 27)
- Re: [BUG] Vulnerability in PINE Linux Mailing Lists (Aug 28)
- Re: [BUG] Vulnerability in PINE Sean B. Hamor (Aug 28)
- Re: [BUG] Vulnerability in PINE Jason Haar (Aug 29)
- HOLE: Unixware 2.03: crontab -e Hannu Laurila (Aug 29)