Format String Vulnerabilities in INN 2.2.3 and Earlier: Exploiting INN's inews and rnews for Privilege Escalation

Format String Vulnerabilities in INN 2.2.3 and Earlier: Exploiting INN's inews and rnews for Privilege Escalation

CVE-2002-0525 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

Learn more about our Cis Benchmark Audit For Server Software.