Newspost < 2.0-r1 socket_getline Function Remote Overflow
Medium Nessus Network Monitor Plugin ID 2585
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is using the Newspost NNTP client. Newspost is used to automate the sending of binary files to different NNTP servers. There is a flaw in this version of Newspost that would allow the operator of a malicious news server to create a buffer overflow within the Newspost client. In order to execute this attack, the attacker would need to be able to convince a Newspost user to submit a post to the malicious NNTP server.
SolutionUpgrade to version 2.0-r1 or higher.