| VID |
23092 |
| Severity |
30 |
| Port |
119 |
| Protocol |
TCP |
| Class |
NNTP |
| Detailed Description |
A version of INN 2.2.1 or older has been detected as running on the host.
Inter Net News (INN) version 2.2.1 and earlier are vulnerable to a buffer overflow that could allow a remote attacker to crash the server by sending a maliciously formatted news article.
* Note: This check solely relied on the version number of the remote INN server to assess this vulnerability, so this might be a false positive.
* References:
http://www.osvdb.org/displayvuln.php?osvdb_id=1353
* Platforms Affected:
INN version 2.2.1 and earlier
Linux Any version |
| Recommendation |
For SuSE Linux:
Upgrade to the latest version of inn (2.2.1-24 or later), as listed in SuSE Security Announcement #34 at http://www.suse.de/de/security/suse_security_announce_34.txt
For Caldera OpenLinux:
Upgrade to the latest version of inn (2.2.1-3 or later), as listed in Caldera Systems, Inc. Security Advisory CSSA-1999-038.0 at ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999:038.0.txt
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2000-0360 (CVE) |
| Related URL |
1249 (SecurityFocus) |
| Related URL |
4176 (ISS) |
|
