The hhp presents...

             The hhp-pine remote exploit advisory.
                           6/22/99
                    By: loophole of hhp.
                    http://hhp.perlx.com/
#---------------------------------------------------------#

   A  few  months  ago  I  found  a bigger problem with the
charset   bug   then  imagined.  With  a  uuencode/uudecode
method  in  the  charset, and an index.html of a site, it's
possible  to run any program/script wanted to on the remote
system.  When  the  email  is read it launches lynx -source
and  grabs  the index.html which is then uudecoded and ran.
This  includes  root and non-root users infected.  Many big
servers run pine, and having fingerd running,  most  of the
time allows us complete access to get every username on the
server, which then is simple to send the infected emails to
each user.
   We have tested this on our own systems with full success.
These  operating systems include BSD, Linux, IRIX, AIX, SCO,
and SunOS.
   I'm  sure  this will be fixed in the newer version along
with  the  patch  already  made  for  the  current version.
hhp-pine.tar   is   available  to  download  at  our  site,
http://hhp.hemp.net/.

   The  current pine 4.10 patch is available to download at
http://www.geek-girl.com/bugtraq/1999_1/0532.html


       Jobs/Probs/Bugs/Etc. -> loophole@hhp.perlx.com
#---------------------------------------------------------#