22 matches found
EUVD-2002-1768
Malware in sbrugna...
CVE-2002-1789
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function...
Fedora Update for newsx FEDORA-2008-6321
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for newsx FEDORA-2008-6319
Check for the Version of newsx OpenVAS Vulnerability Test Fedora Update for newsx FEDORA-2008-6319 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for newsx FEDORA-2008-6319
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for newsx FEDORA-2008-6321
Check for the Version of newsx OpenVAS Vulnerability Test Fedora Update for newsx FEDORA-2008-6321 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Debian: Security Advisory (DSA-1622-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1622-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 31, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1622-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 31, 2008 http://www.debian.org/security/faq -...
Debian DSA-1622-1 : newsx - buffer overflow
It was discovered that newsx, an NNTP news exchange utility, was affected by a buffer overflow allowing remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
Stack overflow
Stack-based buffer overflow in the readarticle function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period...
CVE-2008-3252
Stack-based buffer overflow in the readarticle function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period...
CVE-2008-3252
Stack-based buffer overflow in the readarticle function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period...
CVE-2008-3252
CVE-2008-3252 : In newsx 1.6, a stack-based buffer overflow in read_article (getarticle.c) allows remote code execution when processing a news article containing a large number of lines starting with a period. The issue is triggered by the pathological article input, leading to arbitrary code exe...
Newsx read_article()函数栈溢出漏洞
BUGTRAQ ID: 30231 NewsX NNTP客户端是一款用于访问Internet News服务器的程序。 NewsX处理畸形服务端回应数据时存在漏洞,如果运行NewsX获得新闻组的话,就可能触发栈溢出,导致客户端崩溃。 漏洞起因是在src/getarticle.c文件中: static int readarticlelong where,char group char linebufMAXHEADERSIZE+1, line; ... line=linebuf; ... for ;; if !getservermsgline, MAXHEADERSIZE ... if...
newsx 'read_article()'缓冲区溢出漏洞
BUGTRAQ ID: 30231 CNCAN ID:CNCAN-2008071603 NewsX NNTP客户端是一款用于访问Internet News服务器的程序。 NewsX 'readarticle'存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 问题代码如下: --- src/getarticle.c --- static int readarticlelong where,char group char linebufMAXHEADERSIZE+1, line; ... line=linebuf; ... for ;; if...
Fedora 8 : newsx-1.6-8.fc8 (2008-6319)
Sat Jul 12 2008 Dominik Mierzejewski 1.6-8 - fixed stack-based buffer overflow in getarticle.c 454483 - URL no longer exists - restored the use of history Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
[SECURITY] Fedora 8 Update: newsx-1.6-8.fc8
Newsx is an NNTP client that will connect to a remote NNTP server and post outgoing news articles batched by the news system e.g. INN, as well as fetch incoming articles...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in news.php in QLnews 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 autorx and 2 newsx parameters...
CVE-2002-1789
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function...