CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2000-0353

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile32.52th
Published1999年6月28日
Last Modified2026年4月16日

Vulnerability Description

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.

Affected Platforms (CPE)

📦
University Of Washington

Pine

= 3.98
📦
University Of Washington

Pine

= 4.0
📦
University Of Washington

Pine

= 4.2
📦
University Of Washington

Pine

= 4.10

References & Advisories

🔗 http://www.novell.com/linux/security/advisories/pine_update_announcement.html
🔗 http://www.novell.com/linux/security/advisories/suse_security_announce_6.html
🔗 http://www.securiteam.com/unixfocus/HHP-Pine_remote_exploit.html
🔗 http://www.securityfocus.com/bid/1247
🔗 http://www.novell.com/linux/security/advisories/pine_update_announcement.html
🔗 http://www.novell.com/linux/security/advisories/suse_security_announce_6.html
🔗 http://www.securiteam.com/unixfocus/HHP-Pine_remote_exploit.html
🔗 http://www.securityfocus.com/bid/1247

相關漏洞威脅

CVE-2000-035210.0

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitra...

CVE-2002-23257.8

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows r...

CVE-2000-08477.5

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute ...

CVE-2000-09097.5

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary com...