Pine Environment Variable Expansion in URLS Vulnerability

info
discussion
exploit
solution
references

Pine Environment Variable Expansion in URLS Vulnerability

Solution:
Caldera Linux:

Obtain the rpm from:

ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.3/current/RPMS/

To install the rpm.

rpm -U pine-4.21-1.i386.rpm

the SecurityFocus staff are not ware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.