Multiple buffer overflows in mnews 1.22 and previous versions allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
matsushita research mnews |