Inn Security Vulnerabilities and Issues — Inn CVE List

Lucene search

IscInn

14 matches found

CVE•added 1999/09/29 4:0 a.m.•65 views

CVE-1999-0043

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

10CVSS7.2AI score0.01593EPSS

CVE•added 2004/09/01 4:0 a.m.•55 views

CVE-2004-0045

Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.

7.5CVSS7.7AI score0.35328EPSS

CVE•added 1999/09/29 4:0 a.m.•54 views

CVE-1999-0100

Remote access in AIX innd 1.5.1, using control messages.

10CVSS7.4AI score0.01322EPSS

CVE•added 2005/04/21 4:0 a.m.•54 views

CVE-2001-1442

Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.

4.6CVSS6.9AI score0.0044EPSS

CVE•added 2000/01/04 5:0 a.m.•52 views

CVE-1999-0705

Buffer overflow in INN inews program.

7.5CVSS6.9AI score0.06629EPSS

CVE•added 2002/08/12 4:0 a.m.•52 views

CVE-2002-0525

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

10CVSS7.4AI score0.02083EPSS

CVE•added 2000/10/13 4:0 a.m.•50 views

CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.

7.5CVSS7.8AI score0.02516EPSS

CVE•added 2000/04/27 4:0 a.m.•50 views

CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.

7.5CVSS7AI score0.00862EPSS

CVE•added 2000/01/04 5:0 a.m.•50 views

CVE-1999-0868

ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.

7.2CVSS8.2AI score0.00168EPSS

CVE•added 2000/10/20 4:0 a.m.•49 views

CVE-2000-0360

Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article.

5CVSS6.8AI score0.01469EPSS

CVE•added 2012/11/11 1:0 p.m.•49 views

CVE-2012-3523

The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" a...

6.8CVSS6.8AI score0.6945EPSS

CVE•added 2000/06/02 4:0 a.m.•45 views

CVE-1999-0754

The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable.

10CVSS7AI score0.00743EPSS

CVE•added 2000/10/13 4:0 a.m.•43 views

CVE-2000-0472

Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.

3.6CVSS7.8AI score0.04931EPSS

CVE•added 2000/03/22 5:0 a.m.•36 views

CVE-1999-0785

The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file.

7.2CVSS6.9AI score0.00107EPSS