NNTP: InterNetNews Control Message Handling Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the InterNetNews application version 2.4.0. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
ISC has reported a remotely exploitable buffer overrun in INN. This issue exists in the control message handling code that was introduced into version 2.4.0. It may possible to exploit this issue to execute arbitrary code in the context of the innd process. It should be noted that innd is designed to drop privileges after binding to port 119, so successful exploitation would typically only yield the privileges of the news user.
Affected Products
Isc inn
Short Name
NNTP:OVERFLOW:INN-CONTROL-MSG
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
NNTP
Keywords
Buffer CVE-2004-0045 Control Handling InterNetNews Message Overflow bid:9382
Release Date
11/05/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Isc
CVSS Score
7.5