nntp software vulnerabilities

Searching nntp software vulnerabilities

Microsoft Exchange Server 5.5 and 5.0 does not

Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).

Format string vulnerabilities in (1) inews or (

vulnerabilities | string | Format |

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

Multiple buffer overflows in mnews 1.22 and ear

overflows | Multiple | buffer | mnews |

Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.

Format string vulnerability in log_doit functio

Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.

Format string vulnerability in the nn_exitmsg f

Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.

Format string vulnerability in newsx NNTP clien

Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.

The fetchnews NNTP client in leafnode 1.9.3 to

fetchnews | leafnode | client | NNTP |

The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.

The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP s

The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.

Heap-based buffer overflow in MSG_UnEscapeSearc

Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.

fetchnews in leafnode 1.9.47 and earlier allows

fetchnews | leafnode |

fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an emptry NNTP news article with missing mandatory headers.

Buffer overflow in the socket_getline function

Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.

Stack-based buffer overflow in the news reader

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.

fetchnews in leafnode 1.9.48 to 1.11.1 allows r

fetchnews | leafnode |

fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.

The fetchnews NNTP client in leafnode 1.11.2 an

fetchnews | leafnode | client | NNTP |

The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).

Buffer overflow in utility.cpp in Turquoise Sup

Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.

Stack-based buffer overflow in the HTrjis funct

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Heap-based buffer overflow in Microsoft Outlook

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

Multiple argument injection vulnerabilities in

Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.

Multiple argument injection vulnerabilities in

Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.

Mozilla Firefox 2.0.0.6 allows remote attackers

Firefox | Mozilla |

Mozilla Firefox 2.0.0.6 allows remote attackers to execute arbitrary commands via a "single unexpected URI" within a (1) mailto, (2) nntp, (3) news, or (4) snews URI, related to improper file type handling, a variant of CVE-2007-3845. NOTE: this information is based upon a vague pre-advisory.

Software vulnerabilities results 1 to 20 of 23

Page: 12 ►

nntp software vulnerabilities

vulnerabilities.aspcode.net

Searching nntp software vulnerabilities