Bugtraq mailing list archives

Re: innd 2.2.2 remote buffer overflow

From: mibsoft () EPIX NET (Forrest J. Cavalier III)
Date: Tue, 6 Jun 2000 16:54:52 -0500


Michal Zalewski <lcamtuf () TPI PL> wrote:

Newest innd 2.2.2, probably the most popular usenet news server (as well
as previous versions) contain remotely exploitable, trivial on-stack
buffer overflow in control articles handler.


INN 1.7.x and earlier is not affected by this.  The vulnerable code appeared
in the 2.x branch.

Forrest J. Cavalier III, INN customization and consulting
        http://www.mibsoftware.com/innsup.htm
Newsrate Usenet Server monitoring measures what you get.
        http://www.mibsoftware.com/userkt/newsrate/

Current thread:

innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 06)
- <Possible follow-ups>
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
  - Re: innd 2.2.2 remote buffer overflow Michal Zalewski (Jun 05)
- Re: innd 2.2.2 remote buffer overflow Russ Allbery (Jun 06)
- Re: innd 2.2.2 remote buffer overflow Forrest J. Cavalier III (Jun 06)