CVE-2000-0353 — OF Washington Pine vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

3.4%

top 12.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

University OF Washington Pine

Timeline

PublishedJun 28

Latest updateApr 30

Description

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDuniversity_of_washington/pine4 versions+3

Patches

Patch: www.securiteam.com ↗Patch: www.securiteam.com ↗

🔴Vulnerability Details

GHSA

GHSA-ccp8-f5cx-4p8g: Pine 4↗2022-04-30

▶

CVEList

CVE-2000-0353: Pine 4↗2000-07-12

▶