Signature Detail
Short Name |
NNTP:OVERFLOW:INN-CONTROL-MSG |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
NNTP |
Keywords |
InterNetNews Control Message Handling Buffer Overflow |
Release Date |
2012/11/05 |
Update Number |
2200 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
NNTP: InterNetNews Control Message Handling Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the InterNetNews application version 2.4.0. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
ISC has reported a remotely exploitable buffer overrun in INN. This issue exists in the control message handling code that was introduced into version 2.4.0. It may possible to exploit this issue to execute arbitrary code in the context of the innd process. It should be noted that innd is designed to drop privileges after binding to port 119, so successful exploitation would typically only yield the privileges of the news user.
Affected Products
- ISC INN 2.4.0 .0
References
- BugTraq: 9382
- BugTraq: 9382
- CVE: CVE-2004-0045