Vulnerabilities > CVE-2000-0472 - Remote Buffer Overflow vulnerability in ISC innd 2.x
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description | ISC innd 2.x Remote Buffer Overflow Vulnerability. CVE-2000-0472. Remote exploit for linux platform |
id | EDB-ID:19998 |
last seen | 2016-02-02 |
modified | 2000-06-12 |
published | 2000-06-12 |
reporter | Michal Zalewski |
source | https://www.exploit-db.com/download/19998/ |
title | ISC innd 2.x - Remote Buffer Overflow Vulnerability |
Nessus
NASL family | Gain a shell remotely |
NASL id | INND_OVERFLOW.NASL |
description | The remote version of INN is between 2.0 and 2.2.2 There is a known security flaw in this version of INN which may allow an attacker to execute arbitrary code on this server is the option |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10436 |
published | 2000-06-07 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10436 |
title | INN < 2.2.3 verifycancels Option Cancel Request Message Overflow |
code |
|
References
- ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-016.0.txt
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0003.html
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0097.html
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0298.html
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0330.html
- http://www.securityfocus.com/bid/1316
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4615