Vulnerabilities > CVE-2002-0525 - Local Format String Vulnerabilties in ISC INN

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

isc

critical

exploit available

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

Vulnerable Configurations

Part	Description	Count
Application	Isc ISC INN 2.0 ISC INN 2.1 ISC INN 2.2 ISC INN 2.2.1 ISC INN 2.2.2 ISC INN 2.2.3	6

Exploit-Db

description	ISC INN 2.0/2.1/2.2.x Multiple Local Format String Vulnerabilties. CVE-2002-0525. Local exploit for linux platform
id	EDB-ID:21375
last seen	2016-02-02
modified	2002-04-11
published	2002-04-11
reporter	Paul Starzetz
source	https://www.exploit-db.com/download/21375/
title	ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilties

Summary

Vulnerable Configurations

Exploit-Db

References