Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 NNTP:INN:INND-OF2

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 NNTP

Keywords

 NNTP

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

NNTP: INND Remote Buffer Overflow (2)


This signature detects attempts to exploit a known vulnerability against the INND daemon that ships by default with RedHat 6.2. Versions INND 2.2.2 and 2.2.3 are vulnerable; earlier 2.x versions might also be vulnerable. A successful attacker can gain root access.

Extended Description

innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields differ between the cancel request and the post referenced by the Message-ID. This attack only works against machines running INN with "verifycancels = true"

Affected Products

  • ISC INN 2.0.0
  • ISC INN 2.1.0
  • ISC INN 2.2.0
  • ISC INN 2.2.1
  • ISC INN 2.2.2

References

  • BugTraq: 1316
  • CVE: CVE-2000-0472
  • URL: http://online.securityfocus.com/archive/1/63549
  • URL: http://online.securityfocus.com/advisories/2312
  • URL: http://online.securityfocus.com/advisories/2391

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out