CVE-2000-0909

Pine <4.21 - RCE

Title source: llm

Description

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Arkane · cremotelinux

https://www.exploit-db.com/exploits/20237

View Code ZIP pw:eip

References (7)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1709

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/84901

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5283

[Various Sources] ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2000-102.html

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html

[Various Sources] http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3

Scores

EPSS 0.1104

EPSS Percentile 93.5%

Details

Status published

Products (3)

university_of_washington/pine 4.0.4

university_of_washington/pine 4.10

university_of_washington/pine 4.21

Published Dec 19, 2000

Tracked Since Feb 18, 2026