Signature Detail

Short Name	NNTP:VULN:ISC-2-2-2
Severity	Info
Recommended	No
Category	NNTP
Keywords	Vulnerable ISC INN Version (< 2.2.2)
Release Date	2005/02/10
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

NNTP: Vulnerable ISC INN Version (< 2.2.2)

This signature detects attempts to exploit a known vulnerability against Internet Software Consortium InterNetNews (ISC INN) server versions earlier than 2.2.2. These versions contain buffer overflow vulnerabilities. Attackers can remotely execute malicious code on the server.

Extended Description

The Inter Net News (INN) server does not do proper bounds checking. The daemon could be crashed remotely by overflowing the static buffers.

Affected Products

ISC INN 1.4.0 Sec
ISC INN 1.4.0 Sec2
ISC INN 1.4.0 Unoff3
ISC INN 1.4.0 Unoff4
ISC INN 1.5.0
ISC INN 1.5.1
ISC INN 1.7.0
ISC INN 1.7.2
ISC INN 2.0.0
ISC INN 2.1.0
ISC INN 2.2.0
ISC INN 2.2.1

References

BugTraq: 1249
CVE: CVE-2000-0360
URL: http://www.securityfocus.com/advisories/2007
URL: http://www.securityfocus.com/advisories/1889

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

NNTP: Vulnerable ISC INN Version (< 2.2.2)

Extended Description

Affected Products

References