INN < 2.2.3 verifycancels Option Cancel Request Message Overflow

Low Nessus Plugin ID 10436


The remote host is affected by a remote buffer overflow vulnerability.


The remote version of INN is between 2.0 and 2.2.2

There is a known security flaw in this version of INN which may allow an attacker to execute arbitrary code on this server is the option 'verifycancels' is enabled in inn.conf


Upgrade to version 2.2.3 or make sure that the option verifycancel is disabled on this server.

See Also

Plugin Details

Severity: Low

ID: 10436

File Name: innd_overflow.nasl

Version: $Revision: 1.19 $

Type: remote

Published: 2000/06/07

Modified: 2016/10/27

Dependencies: 17975

Risk Information

Risk Factor: Low


Base Score: 3.6

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2000/06/06

Reference Information

CVE: CVE-2000-0472

BID: 1316

OSVDB: 338