Hi,

> pine is riddled with buffer overflows, it's considered unfixable
> without totally throwing away 100% of the code and starting over.  why
> would anyone do that when we have mutt which is a far superior and
> Free replacement.
> 
> try this:
> 
> (iirc)
> 
> $ export HOME=`perl -e 'print "a" x 10000'`
> 
> $ pine
> 
> it should segfault.  good indication of a buffer overflow there.

While this kind of buffer overflow is nasty, (as far as I can see)
from a security point of view it is rather harmless.

If you can get pine to execute arbitrary code just by sending a
malicious mail, that's really dangerous.

Thomas
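
Added example, not part of the original messages and not pine's code: the class of bug the quoted test points at (copying `$HOME` into a fixed-size buffer) next to a length-checked form. The buffer size, the file name `.examplerc` and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RC_PATH_MAX 256          /* assumed fixed buffer size */
#define RC_NAME     ".examplerc" /* hypothetical file name */

/* Unsafe pattern: trusts that $HOME fits. With a 10000-byte HOME this
 * writes far past the end of `out` (undefined behaviour, usually a crash). */
void rc_path_unsafe(const char *home, char *out)
{
    strcpy(out, home);
    strcat(out, "/" RC_NAME);
}

/* Checked form: 0 on success, -1 if HOME is unset/empty or would not fit. */
int rc_path_checked(const char *home, char *out, size_t outlen)
{
    int n;
    if (home == NULL || home[0] == '\0' || outlen == 0)
        return -1;
    n = snprintf(out, outlen, "%s/%s", home, RC_NAME);
    if (n < 0 || (size_t)n >= outlen) {   /* truncated: reject, don't use */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Constructed input mirroring the perl one-liner: 'a' repeated len times. */
char *make_long_home(size_t len)
{
    char *s = malloc(len + 1);
    if (s == NULL)
        return NULL;
    memset(s, 'a', len);
    s[len] = '\0';
    return s;
}

int main(void)
{
    char path[RC_PATH_MAX];
    char *home = make_long_home(10000);
    if (home == NULL)
        return 1;
    printf("long HOME   -> %d\n", rc_path_checked(home, path, sizeof path));
    printf("normal HOME -> %d\n", rc_path_checked("/home/user", path, sizeof path));
    free(home);
    return 0;
}
```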



