CVE-2000-0352

Description

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

References

• ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt
• http://www.novell.com/linux/security/advisories/suse_security_announce_36.html
• http://www.securityfocus.com/bid/810
• http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000%40ray.compu-aid.com
• ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt
• http://www.novell.com/linux/security/advisories/suse_security_announce_36.html
• http://www.securityfocus.com/bid/810
• http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000%40ray.compu-aid.com