6 matches found
Mandrake Linux Security Advisory : inn (MDKSA-2000:016)
A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with inn installed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandra...
Mandrake Linux Security Advisory : inn (MDKSA-2000:023)
A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with inn installed. This new version also does not install inews as setgid news or rnews as setuid root. Many other security paranoia fixes have been made...
Debian Security Advisory DSA 023-1 (inn2)
The remote host is missing an update to inn2 announced via advisory DSA 023-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ISC innd 2.x - Remote Buffer Overflow
ISC innd 2.x - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid...
ISC innd 2.x - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields diff...
INN < 2.2.3 verifycancels Option Cancel Request Message Overflow
The remote version of INN is between 2.0 and 2.2.2 There is a known security flaw in this version of INN which may allow an attacker to execute arbitrary code on this server is the option 'verifycancels' is enabled in inn.conf C Tenable Network Security, Inc. include"compat.inc"; ifdescription...