INN < 2.2.2 Crafted Article Handling Remote Overflow

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The remote host is affecred by a remote buffer overflow vulnerability.

Description :

The remote host is running INN (InterNetNews).

The remote version of this server does not do proper bounds checking.
An attacker may exploit this issue to crash the remote service by overflowing
some of the buffers by sending a maliciously formatted news article.

See also :

http://www.nessus.org/u?c352440e

Solution :

Upgrade to version 2.2.2 of this service or newer

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:ND)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 14683 (inn_buff_overflow.nasl)

Bugtraq ID: 1249

CVE ID: CVE-2000-0360