ISC innd 2.x 远程缓冲区溢出漏洞

漏洞信息详情

ISC innd 2.x 远程缓冲区溢出漏洞

• CNNVD编号：CNNVD-200002-033
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2000-0472
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2000-02-06
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  isc
• 漏洞来源：
  Posted to BugTraq …

innd 2.2.2版本存在缓冲区溢出漏洞。远程攻击者借助取消包含超长消息ID的请求可以执行任意命令。

ISC has released the newest version of INN – 2.2.3 – which fixes this issue.
ISC INN 2.2.2

• ISC inn-2.2.3.tar.gzMD5: 0c0f71d79cc2b4fbd5bad4a7f093f53f
  ftp://ftp.isc.org/isc/inn/inn-2.2.3.tar.gz
• Russ Allbery inn222.patch
  
  http://www.securityfocus.com/data/vulnerabilities/patches/inn222.patch
  

来源: XF
名称: innd-cancel-overflow
链接:http://xforce.iss.net/static/4615.php

来源: BID
名称: 1316
链接:http://www.securityfocus.com/bid/1316

来源: BUGTRAQ
名称: 20000722 MDKSA-2000:023 inn update
链接:http://archives.neohapsis.com/archives/bugtraq/2000-07/0330.html

来源: BUGTRAQ
名称: 20000721 [ANNOUNCE] INN 2.2.3 available
链接:http://archives.neohapsis.com/archives/bugtraq/2000-07/0298.html

来源: BUGTRAQ
名称: 20000707 inn update
链接:http://archives.neohapsis.com/archives/bugtraq/2000-07/0097.html

来源: BUGTRAQ
名称: 20000106 innd 2.2.2 remote buffer overflow
链接:http://archives.neohapsis.com/archives/bugtraq/2000-06/0003.html

来源: CALDERA
名称: CSSA-2000-016.0
链接:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-016.0.txt