SMTP: Pine From-Header Remote DoS
This signature detects attempts to exploit a known vulnerability against Pine Mail User Agent (MUA) 4.44. Attackers can send a message that contains a maliciously crafted From header field to crash the service.
Extended Description
A heap corruption may occur when Pine receives an email message containing a particularly crafted "From:" address. Though the address is RFC compliant, Pine reportedly fails to parse it correctly, resulting in a core dump. Execution of arbitrary code may be possible.
Affected Products
University_of_washington pine
References
BugTraq: 6120
CVE: CVE-2002-1320
URL: http://www.washington.edu/pine/ http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-1320 http://www.kb.cert.org/vuls/id/780737
Short Name
SMTP:EXPLOIT:PINE-SLASHQUOTE
Severity
Warning
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2002-1320 DoS From-Header Pine Remote bid:6120
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
University_of_washington
CVSS Score
5.0