CVE-2002-0525 Information

Description

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-04/0140.html http://www.iss.net/security_center/static/8834.php http://www.securityfocus.com/bid/4501