|
|
Pine Environment Variable URL Shell Interpreting Vulnerability
|
Bugtraq ID:
|
3815
|
|
Class:
|
Design Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jan 05 2002 12:00AM
|
|
Updated:
|
Jan 05 2002 12:00AM
|
|
Credit:
|
This vulnerability was originally discovered by Jim Hebert <jhebert@jhebert.cx> on November 18, 1999, and was rediscovered by zen-parse <zen-parse@gmx.net> October 20, 2001. It was reannounced to Bugtraq on January 5, 2002.
|
|
Vulnerable:
|
University of Washington Pine 4.33
-
FreeBSD FreeBSD 4.4
-
FreeBSD FreeBSD 4.3
-
FreeBSD FreeBSD 4.2
+
HP Secure OS software for Linux 1.0
+
RedHat Linux 7.2 ia64
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.1 ia64
+
RedHat Linux 7.1 i386
+
RedHat Linux 7.1 alpha
+
S.u.S.E. Linux 7.3 sparc
+
S.u.S.E. Linux 7.3 ppc
+
S.u.S.E. Linux 7.3 i386
+
S.u.S.E. Linux 7.3
+
S.u.S.E. Linux 7.2 i386
+
S.u.S.E. Linux 7.2
+
S.u.S.E. Linux 7.1 sparc
+
S.u.S.E. Linux 7.1 ppc
+
S.u.S.E. Linux 7.1 alpha
+
S.u.S.E. Linux 7.1
University of Washington Pine 4.30
University of Washington Pine 4.21
+
Conectiva Linux 7.0
+
Conectiva Linux 6.0
+
Conectiva Linux 5.1
+
Conectiva Linux 5.0
+
Conectiva Linux graficas
+
Conectiva Linux ecommerce
+
RedHat Linux 7.0 i386
+
RedHat Linux 7.0 alpha
+
RedHat Linux 6.2 sparc
+
RedHat Linux 6.2 i386
+
RedHat Linux 6.2 alpha
+
Slackware Linux 7.1
+
Slackware Linux 7.0
University of Washington Pine 4.20
+
Turbolinux Turbolinux Workstation 6.0
|
|
|
|
Not Vulnerable:
|
University of Washington Pine 4.44
+
EnGarde Secure Linux 1.0.1
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux Advanced Work Station 2.1
+
S.u.S.E. Linux 8.1
+
S.u.S.E. Linux 8.0 i386
+
S.u.S.E. Linux 8.0
+
Sun Cobalt Qube 3
+
Sun Cobalt RaQ 4
+
Sun Cobalt RaQ 550
+
Sun Cobalt RaQ XTR
+
Sun Linux 5.0.7
+
Sun Linux 5.0
|
|
|
