Bugtraq mailing list archives

Re: [BUG] Vulnerability in PINE

From: linux () aiind upv es (Linux Mailing Lists)
Date: Wed, 28 Aug 1996 17:10:52 +0200

This still worked under PINE 9.93 under Slackware 3.1.0 (which comes with
the Slackware96 realese)

This did not work under SunOS 4.1.4 running PINE 9.94

So it looks as though it is a <9.94 bug.


9.94??? You mean 3.94??

I'm using PINE 3.95 on a Solaris 2.5, and it creates me the file :

-rw-rw-rw-   1 root     other          5 Aug 28 17:09 .18.2c55a

in the /tmp directory when i run PINE when i have new mail. Seems
vulnerable...

Greetings

                                                Sergio

Current thread:

[BUG] Vulnerability in PINE, (continued)
- [BUG] Vulnerability in PINE Sean B. Hamor (Aug 26)
  - Tired of /tmp? Here's a proposed solution Igor Chudov @ home (Aug 26)
    - Re: Tired of /tmp? Here's a proposed solution Guido M. Witmond (Aug 27)
    - Re: Tired of /tmp? Here's a proposed solution Thomas Koenig (Aug 28)
    - Re: Tired of /tmp? Here's a proposed solution Sean B. Hamor (Aug 28)
    - Re: Tired of /tmp? Here's a proposed solution mdr () vodka sse att com (Aug 28)
    - Rlogin vulnerabilty Gabriele Avosani (Aug 28)
    - Re: Tired of /tmp? Here's a proposed solution Matthew J Brown (Aug 28)
    - ftpbounce-0.1.tar.gz Rune Braathen (Aug 27)
  - Re: [BUG] Vulnerability in PINE Rage-303.tr (Aug 27)
    - Re: [BUG] Vulnerability in PINE Linux Mailing Lists (Aug 28)
    - Re: [BUG] Vulnerability in PINE Sean B. Hamor (Aug 28)
    - Re: [BUG] Vulnerability in PINE Jason Haar (Aug 29)
    - HOLE: Unixware 2.03: crontab -e Hannu Laurila (Aug 29)
    - Solaris 2.5* ACLs and /dev/kmem access Vic Abell (Aug 28)
  - CIAC Bulletin G-40: SGI admin and user Program Vulnerabilities Marcey Kelley (Aug 27)