On Mon, Nov 06, 2000 at 09:54:03AM +0100, Thomas Gebhardt wrote:
> > it should segfault. good indication of a buffer overflow there.
>
> While this kind of buffer overflow is nasty, (as far as I can see)
> from a security point of view it is rather harmless.
not if the program is question is setuid or setgid, in those cases a
user may be able to exploit the overflow to obtain elevated
privileges. note that the .debs created by the debian pine-src
packages install pine setgid mail (uncessarily AFAICT).
> If you can get pine to execute arbitrary code just by sending a
> malicous mail, that's really dangerous.
indeed.
--
Ethan Benson
http://www.alaska.net/~erbenson/
PGP signature
