Lucene search
K

14 matches found

CVE
CVE
added 1999/09/29 4:0 a.m.87 views

CVE-1999-0043

CVE-1999-0043 affects the INN daemon (innd) v1.5, where command execution is possible via shell metacharacters in control messages (e.g., "newgroup", "rmgroup"). Documents consistently reference INN 1.5 and shell metachar vulnerabilities; remediation guidance appears as upgrading to 1.6 or later....

10CVSS7.2AI score0.44841EPSS
CVE
CVE
added 2012/11/11 11:0 a.m.77 views

CVE-2012-3523

CVE-2012-3523 affects nnrpd (INN) prior to 2.5.3, where STARTTLS does not properly restrict I/O buffering. This enables MITM attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is established (plaintext command injection), related to CVE...

6.8CVSS6.8AI score0.03233EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.71 views

CVE-1999-0100

CVE-1999-0100 relates to remote access in AIX innd 1.5.1 via manipulation of control messages. Public entries consistently describe a network-exposed vulnerability with no authentication, impacting confidentiality, integrity, and availability. The Red Hat/SUSE/PT Security records corroborate the ...

10CVSS7.4AI score0.02777EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.69 views

CVE-2001-1442

CVE-2001-1442 affects ISC InterNetNews (INN) via a buffer overflow in innfeed prior to 2.3.0. Local users in the news group can gain privileges through a long -c argument. Reports across CVE listings confirm the impact but no public exploitation details or patches are included in the provided doc...

4.6CVSS6.9AI score0.01887EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.68 views

CVE-1999-0706

The CVE-1999-0706 entry concerns the Linux xmonisdn package, where local users can gain root privileges by modifying environment variables IFS or PATH. The Red Hat and NVD records confirm the same description. Root access is achieved through manipulating search paths and IFS, enabling privilege e...

7.5CVSS7AI score0.01994EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.68 views

CVE-2004-0045

CVE-2004-0045 affects the InterNetNews INN 2.4.0 NNTP server component (control message handling). A boundary/overflow condition in the ARTpost function within art.c can allow a remote attacker to execute arbitrary code. Public advisories (e.g., Slackware SSA 2004-014-02) note a fixed package upd...

7.5CVSS7.7AI score0.08622EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.67 views

CVE-1999-0705

CVE-1999-0705 concerns a buffer overflow in INN inews. The interconnected sources indicate multiple vulnerabilities in INN

7.5CVSS6.9AI score0.04783EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.66 views

CVE-1999-0247

The CVE-1999-0247 entry concerns the INN project’s nnrpd component, where a buffer overflow in nnrpd (INN up to version 1.6) can allow remote commands to be executed. The connected sources confirm the affected software (nnrpd) and the underlying issue (buffer overflow) that enables arbitrary comm...

7.5CVSS7.8AI score0.04011EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.66 views

CVE-1999-0868

CVE-1999-0868 concerns ucbmail where remote attackers can execute commands by supplying shell metacharacters to ucbmail via INN. Multiple connected sources (Red Hat, CVE/CVEList, NVD) reiterate the same vulnerability description but do not provide concrete fix versions or patches within the suppl...

7.2CVSS8.2AI score0.01504EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.65 views

CVE-2002-0525

The CVE-2002-0525 entry corresponds to a format string vulnerability in INN components (inews or rnews) affecting INN 2.2.3 and earlier. The underlying issue is format string specifiers in NNTP (NTTP) responses, which could allow a local user or a remote malicious NNTP server to gain privileges. ...

10CVSS7.4AI score0.04121EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.62 views

CVE-2000-0360

INN buffer overflow (CVE-2000-0360) affects INN servers prior to 2.2.2, where the remote server fails to perform proper bounds checking, allowing a remote attacker to crash the service by sending a maliciously formatted news article. Public sources (NVD/Nessus/OpenVAS) corroborate a remote DoS ri...

5CVSS6.8AI score0.02716EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.59 views

CVE-1999-0754

CVE-1999-0754 concerns the INN inndstart program, where local users can gain privileges by specifying an alternate configuration file via the INNCONF environment variable. The available connected records confirm this vulnerability exists in INN’s inndstart component and describe the privilege-esc...

10CVSS7AI score0.02753EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.56 views

CVE-2000-0472

CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...

3.6CVSS7.8AI score0.03721EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.48 views

CVE-1999-0785

The CVE-1999-0785 entry concerns the INN inndstart component, where a local attacker can gain root privileges through the pathrun parameter in the inn.conf file. This aligns across NVD/Red Hat/CVE records. The vulnerability enables local privilege escalation by manipulating configuration to influ...

7.2CVSS6.9AI score0.00511EPSS