ISC INN 2.0/2.1/2.2.x Multiple Local Format String Vulnerabilties

No description provided by source. source: http://www.securityfocus.com/bid/4501/info The Internet Software Consortium ISC Internet News INN project is a powerful, mature implementation of a usenet system, including a NNTP server and a newsreading server. It is available for a wide range of Unix...

SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller'...

Rnews Feed Aggregator v1.01 (search/index) SQL Injection Vulnerability

Exploit for php platform in category web applications ====================================================================== Rnews Feed Aggregator v1.01 search/index SQL Injection Vulnerability ====================================================================== Scriptname.......: Rnews v1.01...

CVE-2002-0525

The CVE-2002-0525 entry corresponds to a format string vulnerability in INN components (inews or rnews) affecting INN 2.2.3 and earlier. The underlying issue is format string specifiers in NNTP (NTTP) responses, which could allow a local user or a remote malicious NNTP server to gain privileges. ...

CVE-2002-0526

CVE-2002-0526 describes a vulnerability in the INN components (1) inews or (2) rnews for INN versions 2.2.3 and earlier, caused by insecure open() calls. The NVD metrics indicate a LOCAL attack with LOW complexity and no authentication, and potential COMPLETE impact on confidentiality, integrity,...