|
| TC: | 11203 | |
| Description: | INN is ISC popular NNTP server for Unix. Version 2.2.1 does not check bounds properly. As a result, it crashes the server. | |
| TC Impact: | Gather Info | |
| Service: | nntp |
| Vulnerability Publication: | November 24, 1999 | |
| Advisory Copyright: | Unknown | |
| Summary: | It is possible to crash your INN server by sending long requests. | |
| Risk: | Medium | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial | |
| CVSS 2.0 Base Score: | 5.0 |
| Vulnerability Impact: |
Gain Root |
|---|
| Host Impact: | NNTP server may crash. | |
| Nature of Remediation: | Update the software. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Undefined ***** S.u.S.E. has released updated RPMs for S.u.S.E. 6.1, 6.2, and 6.3. ISC INN 2.2.1: S.u.S.E. RPM 6.1 alpha inn.rpm ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/inn.rpm S.u.S.E. RPM 6.1 i386 inn.rpm ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/inn.rpm S.u.S.E. RPM 6.2 i386 inn.rpm ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/inn.rpm S.u.S.E. RPM 6.3 i386 inn.rpm ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/inn.rpm. |
| References: | ||
| Caldera advisory : http://www.calderasystems.com/support/security/advisories/CSSA-1999-038.0.txt SuSE advisory : http://www.suse.de/de/support/security/suse_security_announce_34.txt See also : http://www.securityfocus.com/bid/1249 Product page : http://www.isc.org/products/INN/ |
| CVE Link: |
CVE-2000-0360 |
 |
|---|
| Glossary: |
Buffer Overflow |
|---|