Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://www.idefense.com/application/poi/display?id=5 http://www.vuxml.org/freebsd/39bd57e6-5d83-11d8-80e3-0020ed76ef5a.html
Insight
The following packages are affected:
pine
zh-pine
iw-pine
CVE-2003-0720
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
CVE-2003-0721
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
Severity
Classification
-
CVE CVE-2003-0720, CVE-2003-0721 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities