ISC INN 1.4 do 1.5.1 News Server memory corruption

wpiseditHistoryDiffjsonxmlCTI

Podatność, która została odkryta w ISC INN 1.4 do 1.5.1. Podatnością dotknięta jest nieznana funkcja w komponencie News Server. Aktualizacja do wersji 1.7 eliminuje tę podatność.

Pole2014-06-18 15:472019-05-18 21:40
vendorISCISC
nameINNINN
version1.4/1.4sec/1.4sec2/1.4unoff3/1.4unoff4/1.5/1.5.11.4/1.4sec/1.4sec2/1.4unoff3/1.4unoff4/1.5/1.5.1
componentNews ServerNews Server
risk22
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore6.56.5
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiPP
cvss2_nvd_aiPP
cvss3_meta_basescore7.37.3
cvss3_meta_tempscore7.07.0
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.07.0
date869443200 (1997-07-21)869443200 (1997-07-21)
typeAdvisoryAdvisory
company_nameNetwork AssociatesNetwork Associates
price_0day$5k-$25k$5k-$25k
nameUpgradeUpgrade
upgrade_version1.71.7
cveCVE-1999-0247CVE-1999-0247
cve_nvd_published869443200869443200
cve_nvd_summarybuffer overflow in nnrpd program in inn up to version 1.6 allows remote users to execute arbitrary commands.buffer overflow in nnrpd program in inn up to version 1.6 allows remote users to execute arbitrary commands.
securityfocus14431443
securityfocus_titleINN News Server Buffer Overflow VulnerabilityINN News Server Buffer Overflow Vulnerability
vulnerabilitycenter33053305
vulnerabilitycenter_titleBuffer Overflow in Nnrpd Program in INN <= 1.6Buffer Overflow in Nnrpd Program in INN <= 1.6
vulnerabilitycenter_severityHighHigh
vulnerabilitycenter_creationdate10726560001072656000
vulnerabilitycenter_lastupdatedate14609376001460937600
vulnerabilitycenter_reportingdate869443200869443200
xforce623623
nessus_id1012910129
nessus_filenameinn.naslinn.nasl
nessus_riskCriticalCritical
nessus_typeremoteremote
nessus_date935539200 (1999-08-25)935539200 (1999-08-25)
issproventia20024012002401
seealso13782 1481413782 14814
cwe119 (przepełnienie bufora)119 (przepełnienie bufora)
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_avNN
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
urlhttp://www.nai.com/nai_labs/asp_set/advisory/17_inn_avd.asp
person_nicknameFIRST
securityfocus_date869961600 (1997-07-27)
securityfocus_classBoundary Condition Error
nessus_nameINN < 1.6 Multiple Vulnerabilities
nessus_familyGain a shell remotely

PoprzedniPrzeglądKolejny

Do you want to use VulDB in your project?

Use the official API to access entries easily!