Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0472

4 documents4 sources
Severity
3.6LOW
EPSS
4.9%
top 10.37%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ISC INN
Timeline
PublishedFeb 6
Latest updateMay 3

Description

Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDisc/inn5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-3w6h-rmvf-r37v: Buffer overflow in innd 22022-05-03
CVEList
CVE-2000-0472: Buffer overflow in innd 22000-10-13

💥Exploits & PoCs

1
Exploit-DB
ISC innd 2.x - Remote Buffer Overflow2000-06-12
CVE-2000-0472 (LOW CVSS 3.6) | Buffer overflow in innd 2.2.2 allow | cvebase.io