Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Newspost < 2.0-r1 socket_getline Function Remote Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is using the Newspost NNTP client. Newspost is used to automate the sending of binary files to different NNTP servers. There is a flaw in this version of Newspost that would allow the operator of a malicious news server to create a buffer overflow within the Newspost client. In order to execute this attack, the attacker would need to be able to convince a Newspost user to submit a post to the malicious NNTP server.

Solution

Upgrade to version 2.0-r1 or higher.