SMTP: Remote Pine Exploit
This signature detects attempts to exploit a known vulnerability against the MIME-handling code in Pine, an e-mail program. Pine 4.56 and earlier are vulnerable. Attackers can send an e-mail containing an invalid "Charset=" header to cause a buffer overflow, enabling the attackers to execute commands at the target privilege level.
Extended Description
A vulnerability has been reported to be present in the software that may allow a remote attacker to cause an integer overflow condition in order to execute arbitrary code on a vulnerable system. The problem is reported to exist in the rfc2231_get_param() function found in the strings.c file. Successful exploitation of this issue may allow a remote attacker to execute arbitrary code on a remote system in order to gain unautorized access.
Affected Products
University_of_washington pine
Short Name
SMTP:EXPLOIT:PINE-CHARSET-OF-1
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2003-0721 Exploit Pine Remote bid:8589
Release Date
04/14/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Sgi
University_of_washington
CVSS Score
7.5