NNTP Server Message Header Handling Remote Overflow

high Nessus Plugin ID 17228

Language:

Synopsis

The remote service is vulnerable to a buffer overflow.

Description

Nessus was able to crash the remote NNTP server by sending a message with long headers.

This flaw is probably a buffer overflow and might be exploitable to run arbitrary code on this machine.

Solution

Apply the latest patches from your vendor or use different software.

Plugin Details

Severity: High

ID: 17228

File Name: nntp_too_long_headers.nasl

Version: 1.13

Type: remote

Family: Gain a shell remotely

Published: 2/28/2005

Updated: 8/5/2020

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ExperimentalScripts

Exploited by Nessus: true

Detections

Analytics