NNTP Server Password Handling Remote Overflow

high Nessus Plugin ID 17229

Synopsis

The remote service is vulnerable to a buffer overflow.

Description

Nessus was able to crash the remote NNTP server by sending a too long password.

This flaw is probably a buffer overflow and might be exploitable to run arbitrary code on this machine.

Solution

Apply the latest patches from your vendor or use different software.

Plugin Details

Severity: High

ID: 17229

File Name: nntp_too_long_password.nasl

Version: Revision: 1.15

Type: remote

Published: 2/28/2005

Updated: 3/21/2017

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P