CVE-2000-0352

Published: Nov 18, 1999Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

Affected (2)

Products: University Of Washington: Pine

University Of Washington

1 product

Pine

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
University Of Washington Pine	Version 4.20
University Of Washington Pine	Version 4.21

References (8)

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt (unsafe URL)

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/suse_security_announce_36.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/810

Source: cve@mitre.org

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000%40ray.compu-aid.com

Source: cve@mitre.org

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/suse_security_announce_36.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/810

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000%40ray.compu-aid.com

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.