innd 2.2.2 remote buffer overflow

Forrest J. Cavalier III mibsoft at
Tue Jun 6 21:54:52 UTC 2000

Michal Zalewski <lcamtuf at TPI.PL> wrote:

> Newest innd 2.2.2, probably the most popular usenet news server (as well
> as previous versions) contain remotely exploitable, trivial on-stack
> buffer overflow in control articles handler.

INN 1.7.x and earlier is not affected by this.  The vulnerable code appeared
in the 2.x branch.

Forrest J. Cavalier III, INN customization and consulting
Newsrate Usenet Server monitoring measures what you get.

More information about the inn-workers mailing list