14 matches found
CVE-1999-0043
CVE-1999-0043 affects the INN daemon (innd) v1.5, where command execution is possible via shell metacharacters in control messages (e.g., "newgroup", "rmgroup"). Documents consistently reference INN 1.5 and shell metachar vulnerabilities; remediation guidance appears as upgrading to 1.6 or later....
CVE-2012-3523
CVE-2012-3523 affects nnrpd (INN) prior to 2.5.3, where STARTTLS does not properly restrict I/O buffering. This enables MITM attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is established (plaintext command injection), related to CVE...
CVE-1999-0100
CVE-1999-0100 relates to remote access in AIX innd 1.5.1 via manipulation of control messages. Public entries consistently describe a network-exposed vulnerability with no authentication, impacting confidentiality, integrity, and availability. The Red Hat/SUSE/PT Security records corroborate the ...
CVE-2001-1442
CVE-2001-1442 affects ISC InterNetNews (INN) via a buffer overflow in innfeed prior to 2.3.0. Local users in the news group can gain privileges through a long -c argument. Reports across CVE listings confirm the impact but no public exploitation details or patches are included in the provided doc...
CVE-2004-0045
CVE-2004-0045 affects the InterNetNews INN 2.4.0 NNTP server component (control message handling). A boundary/overflow condition in the ARTpost function within art.c can allow a remote attacker to execute arbitrary code. Public advisories (e.g., Slackware SSA 2004-014-02) note a fixed package upd...
CVE-1999-0706
The CVE-1999-0706 entry concerns the Linux xmonisdn package, where local users can gain root privileges by modifying environment variables IFS or PATH. The Red Hat and NVD records confirm the same description. Root access is achieved through manipulating search paths and IFS, enabling privilege e...
CVE-1999-0705
CVE-1999-0705 concerns a buffer overflow in INN inews. The interconnected sources indicate multiple vulnerabilities in INN
CVE-1999-0247
The CVE-1999-0247 entry concerns the INN project’s nnrpd component, where a buffer overflow in nnrpd (INN up to version 1.6) can allow remote commands to be executed. The connected sources confirm the affected software (nnrpd) and the underlying issue (buffer overflow) that enables arbitrary comm...
CVE-1999-0868
CVE-1999-0868 concerns ucbmail where remote attackers can execute commands by supplying shell metacharacters to ucbmail via INN. Multiple connected sources (Red Hat, CVE/CVEList, NVD) reiterate the same vulnerability description but do not provide concrete fix versions or patches within the suppl...
CVE-2002-0525
The CVE-2002-0525 entry corresponds to a format string vulnerability in INN components (inews or rnews) affecting INN 2.2.3 and earlier. The underlying issue is format string specifiers in NNTP (NTTP) responses, which could allow a local user or a remote malicious NNTP server to gain privileges. ...
CVE-2000-0360
INN buffer overflow (CVE-2000-0360) affects INN servers prior to 2.2.2, where the remote server fails to perform proper bounds checking, allowing a remote attacker to crash the service by sending a maliciously formatted news article. Public sources (NVD/Nessus/OpenVAS) corroborate a remote DoS ri...
CVE-1999-0754
CVE-1999-0754 concerns the INN inndstart program, where local users can gain privileges by specifying an alternate configuration file via the INNCONF environment variable. The available connected records confirm this vulnerability exists in INN’s inndstart component and describe the privilege-esc...
CVE-2000-0472
CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...
CVE-1999-0785
The CVE-1999-0785 entry concerns the INN inndstart component, where a local attacker can gain root privileges through the pathrun parameter in the inn.conf file. This aligns across NVD/Red Hat/CVE records. The vulnerability enables local privilege escalation by manipulating configuration to influ...