Back to search
CVE-2002-0909
Published: Aug 31, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20020531 Mnews 1.22 PoC exploit
mailing-list
x_refsource_BUGTRAQ
4900
vdb-entry
x_refsource_BID
4899
vdb-entry
x_refsource_BID
mnews-multiple-local-bo(9227)
vdb-entry
x_refsource_XF
20020531 SRT Security Advisory (SRT2002-04-31-1159): Mnews
mailing-list
x_refsource_BUGTRAQ
20020531 Mnews 1.22 PoC exploit
mailing-list
x_refsource_VULN-DEV
mnews-nntp-response-bo(9226)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now