Vulnerability Report

CVE-2000-0909

RCE

Title: Pine automatic mail From: header overflow

RCE

Proof Of Concept

PoC Available for CVE-2000-0909

CWE Category NVD-CWE-noinfo
Published Date Dec 19, 2000
Modified Date Apr 03, 2025
Exploit Status Available
Score 7.5 CVSS v2.0
Exploit Probability (EPSS)
11.04%

Vulnerability Summary

CVE-2000-0909: Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.

Impacted Vendors

U
university_of_washington 1
W
washington 1

Reference Links

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3 http://www.redhat.com/support/errata/RHSA-2000-102.html http://www.securityfocus.com/archive/1/84901 http://www.securityfocus.com/bid/1709 https://exchange.xforce.ibmcloud.com/vulnerabilities/5283 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3 http://www.redhat.com/support/errata/RHSA-2000-102.html http://www.securityfocus.com/archive/1/84901 http://www.securityfocus.com/bid/1709 https://exchange.xforce.ibmcloud.com/vulnerabilities/5283
CVSS v2.0
Source Entity [email protected]
Severity HIGH
7.5
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2000-0909 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/20237
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.