RHEL 2.1 : pine (RHSA-2005:015)
High Nessus Plugin ID 16148
SynopsisThe remote Red Hat host is missing a security update.
DescriptionAn updated Pine package is now available for Red Hat Enterprise Linux 2.1 to fix a denial of service attack.
Pine is an email user agent.
The c-client IMAP client library, as used in Pine 4.44 contains an integer overflow and integer signedness flaw. An attacker could create a malicious IMAP server in such a way that it would cause Pine to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0297 to this issue.
Users of Pine are advised to upgrade to these erratum packages which contain a backported patch to correct this issue.
SolutionUpdate the affected pine package.