Bug 45125 (CVE-2003-0721) - VUL-0: CVE-2003-0721: buffer overflow & integer overflow in pine
Summary: VUL-0: CVE-2003-0721: buffer overflow & integer overflow in pine
Status: RESOLVED FIXED
Alias: CVE-2003-0721
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: All Linux
: P3 - Medium : Major
Target Milestone: ---
Assignee: Heiko Rommel
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2003-0721: CVSS v2 Base Score: 7....
Keywords:
Depends on:
Blocks:
 
Reported: 2003-09-05 17:24 UTC by Sebastian Krahmer
Modified: 2021-10-13 13:37 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
putonftp file (557 bytes, application/octet-stream)
2003-09-05 20:28 UTC, Sebastian Krahmer 		Details
patchinfo file (642 bytes, application/octet-stream)
2003-09-05 20:33 UTC, Sebastian Krahmer 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2003-09-05 17:24:26 UTC 
From vendor-sec:

Date: Thu, 4 Sep 2003 09:17:25 -0400
From: David Endler <DEndler@iDefense.com>
To: vendor-sec@lst.de
Cc: Steve Hubert <hubert@washington.edu>, Mark Crispin <MRC@CAC.Washington.EDU>
Subject: [vendor-sec] 2 security vulnerabilities in Pine

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We're working on coordinating disclosure on two security
vulnerabilities in Pine.  The Pine team has just produced fixes and I
have recommended a disclosure date of Wednesday, September 10, Noon
EDT.ISSUE 1: Pine buffer overflow in its handling of the
'message/external-body' type
CAN-2003-0720 has been assigned.  Details below.

ISSUE 2: Pine integer overflow in its MIME header parsing
CAN-2003-0721 has been assigned.  Details below.

The patch is available from       

       
ftp://ftp2.cac.washington.edu/pine/Private/pine4.56-securitypatch
              (MD5: d6de53cc07644a70e7ee617bd8be3cd7)

The new version of Pine source is also available from:

        ftp://ftp2.cac.washington.edu/pine/Private/pine4.57.tar.Z
              (MD5: 7cb3506988211db4c57a5435746740e8) or

        ftp://ftp2.cac.washington.edu/pine/Private/pine4.57.tar.gz
              (MD5: fa06085c22bcc318768959135690de43)
or
        ftp://ftp2.cac.washington.edu/pine/Private/pine4.57.tar.bz2
              (MD5: a17478aeb47cefb2b71832565f00e2ed)

Thanks,

- -dave
Comment 1 Sebastian Krahmer 2003-09-05 17:24:26 UTC 
<!-- SBZ_reproduce  -->
According to Mr. Endler there exists an exploit, but I doubt they give it out
now.
Comment 2 Roman Drahtmueller 2003-09-05 20:18:56 UTC 
Sebastian, Heiko is on vacation. I'll work on the packages, can you handle the
putonftp and patchinfo files, please?

Roman.
Comment 3 Sebastian Krahmer 2003-09-05 20:28:29 UTC 
Created attachment 13873 [details]
putonftp file
Comment 4 Sebastian Krahmer 2003-09-05 20:33:55 UTC 
Created attachment 13874 [details]
patchinfo file

I hope the DISTRIBUTION line is correct since I dont know
which maintained products are affected.
Comment 5 Roman Drahtmueller 2003-09-05 23:09:17 UTC 
ack. packages from 7.2 through 8.2 including SLES are filed.
STABLE has seen a version upgrade (Heiko, see the changelog of the package).

patchinfo turned in.

Roman.
Comment 6 Thomas Biege 2003-09-10 20:21:07 UTC 
packages approved
Comment 7 Thomas Biege 2009-10-13 19:38:50 UTC 
CVE-2003-0721: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)