NNTP: XPAT Pattern Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft NNTP servers. Attackers can send an xpat command with an overly long pattern to overflow the buffer in the NNTP server and gain complete control of the target system.
Extended Description
The Microsoft Network News Transfer Protocol (NNTP) Component is prone to a buffer overflow condition. Successful exploitation of this vulnerability could allow remote code execution in the context of the process accessing the vulnerable component.
Affected Products
Avaya s8100_media_servers,Microsoft exchange_server_2000
Short Name
NNTP:OVERFLOW:XPAT-PATTERN
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
NNTP
Keywords
CVE-2004-0574 Overflow Pattern XPAT bid:11379
Release Date
10/14/2004
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3713
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
10.0