[3293] in bugtraq
Re: [BUG] Vulnerability in PINE
daemon@ATHENA.MIT.EDU (Rage-303.tr)
Tue Aug 27 18:10:07 1996
Date: Tue, 27 Aug 1996 14:23:25 -0600
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Rage-303.tr" <rage@dimensional.com>
X-To: "Sean B. Hamor" <hamors@litterbox.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.LNX.3.95.960826192918.1836B-100000@litterbox.org>
On Mon, 26 Aug 1996, Sean B. Hamor wrote:
> I verified the existence of this bug in PINE 3.91, however it had been
> fixed in 3.95. I don't know if 3.92, 3.93, or 3.94 are effected. Even
> though this bug has been fixed, I thought I'd still release this because
> many Linux installations still use PINE 3.91, and most machines I have
> accounts on still use PINE 3.91.
> Verification:
>
> This vulnerability has been tested on the following platforms with the
> following versions of PINE:
>
> Linux Slackware 3.0 (1.2.13): PINE 3.91
> FreeBSD 2.1.0-RELEASE: PINE 3.91
>
> Problem has been fixed in PINE 3.95 under Linux Slackware 3.0 (1.2.13):
This still worked under PINE 9.93 under Slackware 3.1.0 (which comes with
the Slackware96 realese)
This did not work under SunOS 4.1.4 running PINE 9.94
So it looks as though it is a <9.94 bug.
