[govsec] Morris Worm and a Change in Direction
security curmudgeon
jericho at attrition.org
Sat Nov 6 11:46:54 EST 2004
: elm, pine ...
osvdb.org:
5451 Elm Message-ID Header Remote Overflow
3530 Elm frm Command Overflow
6328 Elm save_embedded_address() Remote Overflow
5825 Elm Symlink Privilege Escalation
6329 Elm get_filter_rules() Command Line Overflow
2198 FreeBSD Korean Elm Port Local Overflow
5404 Pine 4.43 URL Handling DoS
2536 Pine Message Parsing Buffer Overflow
9003 Pine display_parameters() Function Overflow
4531 pgp4pine stack overflow
6948 Pine Malformed From: Header DoS
1352 Pine index.html Arbitrary Command Execution
1142 Pine Environment Variable Expansion in URLS
1560 Pine Malformed Header DoS
1567 Pine From Field Overflow
: I think it would be more appropriate to say there are simple mail
: clients that do not suffer from *as many* or *as serious*
: vulnerabilities as Outlook and some of the other more popular and widely
: deployed mail clients.
More information about the govsec
mailing list