PT-2002-2510 · Nn · Nn

Published

2002-12-31

Updated

2008-09-05

CVE-2002-1788

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions nn versions 6.6.0 through 6.6.3

Description The issue allows remote NNTP servers to execute arbitrary code via format strings in server responses. This is due to a format string vulnerability in the nn exitmsg function.

Recommendations For nn versions 6.6.0 through 6.6.3, consider updating to a version that contains a fix for this issue, as the current version allows for the execution of arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1788

PT-2002-2510 · Nn · Nn

CVE-2002-1788

Related Identifiers

Affected Products

References · 8