Buffer Overflow Vulnerability in ISC InterNetNews Affecting Local Users
CVE-2001-1442

Currently unrated

Key Information:

Vendor

Isc
Status
Inn
Vendor
CVE Published:
21 April 2001

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2001-1442?

A buffer overflow vulnerability exists in innfeed for ISC InterNetNews (INN) prior to version 2.3.0. This vulnerability allows local users in the 'news' group to exploit the system by providing excessively long command line arguments, specifically using the -c option. If exploited, this could potentially enable unauthorized access to privileges, compromising the security of the affected system.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2001-1442
Created by alt3kx

References

http://www.kb.cert.org/vuls/id/943536
third-party-advisoryx_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilities/6398
vdb-entryx_refsource_XF
http://securitytracker.com/id?1001353
vdb-entryx_refsource_SECTRACK

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-2001-1442 : Buffer Overflow Vulnerability in ISC InterNetNews Affecting Local Users