• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Pine Empty MIME Boundary Denial Of Service Vulnerability

Solution:
It has been reported that using the source code attained from ftp://ftp.cac.washington.edu/imap/imap-2002.RC2.tar.Z in place of the IMAP source code contained in the Pine distribution, and rebuilding pine will fix this vulnerability.

The report suggests that replacing the code contained in the imap directory of pine with that from the above link, changing the value SET_DISABLEAUTOMATICSHAREDNAMESPACES to SET_DISABLEAUTOSHAREDNS in pine/pine.c, and rebuilding the client will rectify this issue.