Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0525

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0525
Last Modified 05 Sep 2008 04:28:15
Published 12 Aug 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0525

Summary

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

Vulnerable Systems

Application

  • Isc Inn 2.0

  • Isc Inn 2.1

  • Isc Inn 2.2

  • Isc Inn 2.2.1

  • Isc Inn 2.2.2

  • Isc Inn 2.2.3


References

BID - 4501

XF - inn-rnews-inews-format-string(8834)

BUGTRAQ - 20020411 Inn (Inter Net News) security problems


Last Updated: 27 May 2016 10:36:57