Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1442

7 documents6 sources
Severity
4.6MEDIUM
EPSS
0.4%
top 36.81%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ISC INN
Timeline
PublishedApr 21
Latest updateApr 30

Description

Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

Debianinn2< 2.3.3+20020922-1+3
NVDisc/inn6 versions+5

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-wffw-62v7-rrv7: Buffer overflow in innfeed for ISC InterNetNews (INN) before 22022-04-30
CVEList
CVE-2001-1442: Buffer overflow in innfeed for ISC InterNetNews (INN) before 22005-04-21
OSV
CVE-2001-1442: Buffer overflow in innfeed for ISC InterNetNews (INN) before 22001-04-21

💥Exploits & PoCs

2
Exploit-DB
ISC INN 2.x - Command-Line Buffer Overflow (2)2001-04-18
Exploit-DB
ISC INN 2.x - Command-Line Buffer Overflow (1)2001-04-18

📋Vendor Advisories

1
Debian
CVE-2001-1442: inn2 - Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local ...2001
CVE-2001-1442 (MEDIUM CVSS 4.6) | Buffer overflow in innfeed for ISC | cvebase.io