Red Hat Local Security Checks : RedHat Security Advisory RHSA-2002:271

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51215

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2002:271

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2002:271.

A vulnerability in Pine version 4.44 and earlier releases can cause
Pine to crash when sent a carefully crafted email.

[Updated 06 Feb 2003]
Added fixed packages for Advanced Workstation 2.1

Pine, developed at the University of Washington, is a tool for reading,
sending, and managing electronic messages (including mail and news).

A security problem was found in versions of Pine 4.44 and earlier. In these
verions, Pine does not allocate enough memory for the parsing and escaping
of the 'From' header, allowing a carefully crafted email to cause a
buffer overflow on the heap. This will result in Pine crashing.

All users of Pine on Red Hat Linux Advanced Server are advised to
update to these errata packages containing a patch to version 4.44
of Pine that fixes this vulnerability.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2002-271.html
http://www.washington.edu/pine/changes/4.44-to-4.50.html
http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 6120
Common Vulnerability Exposure (CVE) ID: CVE-2002-1320
http://www.securityfocus.com/bid/6120
Bugtraq: 20021107 Remote pine Denial of Service (Google Search)
http://marc.info/?l=bugtraq&m=103668430620531&w=2
Bugtraq: 20021202 GLSA: pine (Google Search)
http://marc.info/?l=bugtraq&m=103884988306241&w=2
Conectiva Linux advisory: CLA-2002:551
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551
En Garde Linux Advisory: ESA-20021127-032
http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php
http://www.redhat.com/support/errata/RHSA-2002-270.html
http://www.redhat.com/support/errata/RHSA-2002-271.html
SuSE Security Announcement: SuSE-SA:2002:046 (Google Search)
http://www.novell.com/linux/security/advisories/2002_046_pine.html
http://www.iss.net/security_center/static/10555.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51215
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2002:271
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2002:271. A vulnerability in Pine version 4.44 and earlier releases can cause Pine to crash when sent a carefully crafted email. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1 Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages (including mail and news). A security problem was found in versions of Pine 4.44 and earlier. In these verions, Pine does not allocate enough memory for the parsing and escaping of the 'From' header, allowing a carefully crafted email to cause a buffer overflow on the heap. This will result in Pine crashing. All users of Pine on Red Hat Linux Advanced Server are advised to update to these errata packages containing a patch to version 4.44 of Pine that fixes this vulnerability. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2002-271.html http://www.washington.edu/pine/changes/4.44-to-4.50.html http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 6120 Common Vulnerability Exposure (CVE) ID: CVE-2002-1320 http://www.securityfocus.com/bid/6120 Bugtraq: 20021107 Remote pine Denial of Service (Google Search) http://marc.info/?l=bugtraq&m=103668430620531&w=2 Bugtraq: 20021202 GLSA: pine (Google Search) http://marc.info/?l=bugtraq&m=103884988306241&w=2 Conectiva Linux advisory: CLA-2002:551 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551 En Garde Linux Advisory: ESA-20021127-032 http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php http://www.redhat.com/support/errata/RHSA-2002-270.html http://www.redhat.com/support/errata/RHSA-2002-271.html SuSE Security Announcement: SuSE-SA:2002:046 (Google Search) http://www.novell.com/linux/security/advisories/2002_046_pine.html http://www.iss.net/security_center/static/10555.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com