CVE-2019-3692

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version...

CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

ISC InterNetNews (INN) contains buffer overflow in ARTpost() function

Overview The Internet Software Consortium's ISC InterNetNews INN is a Usenet application. A vulnerability in INN may permit a remote attacker to compromise the system. Description Version 2.4.0 of ISC's InterNetNews package contains a Network News Transfer Protocol NNTP server that contains a...

INN < 2.4.1 Control Message Handling Code Overflow

The remote host is running INN 2.4.0. There is a known security flaw in this version of INN that could allow an attacker to execute arbitrary code on this server. C Tenable Network Security, Inc. Ref: http://www.isc.org/products/INN/ include"compat.inc"; ifdescription scriptid11984; scriptversion...

CVE-2002-0525

Format string vulnerabilities in 1 inews or 2 rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses...