CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands...

EUVD-1999-0247

Malware in sbrugna...

SUSE CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

DEBIAN-CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

CVE-2012-3523

CVE-2012-3523 affects nnrpd (INN) prior to 2.5.3, where STARTTLS does not properly restrict I/O buffering. This enables MITM attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is established (plaintext command injection), related to CVE...

CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

inn -- plaintext command injection into encrypted channel

INN developers report: Fixed a possible plaintext command injection during the negotiation of a TLS layer. The vulnerability detailed in CVE-2011-0411 affects the STARTTLS and AUTHINFO SASL commands. nnrpd now resets its read buffer upon a successful negotiation of a TLS layer. It prevents...

CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands...

CVE-1999-0247

The CVE-1999-0247 entry concerns the INN project’s nnrpd component, where a buffer overflow in nnrpd (INN up to version 1.6) can allow remote commands to be executed. The connected sources confirm the affected software (nnrpd) and the underlying issue (buffer overflow) that enables arbitrary comm...

CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands...