From: Kenn Humborg (kenn at domain bluetree.ie)
Date: Tue 09 May 2000 - 13:25:46 IST
> BTW Paul are you serious about older versions of pine running attached
> shell scripts?? That's *so* broken.
There was a buffer overflow in Pine's (and mutt's IIRC) handling
of MIME headers as one stage.
A specially crafted, long, Content-Type: header (or similar)
could overflow the stack and allow arbitrary code to be run.
Fixed _really_ quickly of course...
I'm sure www.securityfocus.com will have details in their archives
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:06:04 GMT