FreeBSD Ports: Newspost Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://people.freebsd.org/~niels/issues/newspost-20050114.txt http://www.vuxml.org/freebsd/7f13607b-6948-11d9-8937-00065be4b5b6.html

Insight

The following package is affected: newspost CVE-2005-0101 Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.

Severity

Classification

CVE CVE-2005-0101

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: acroread, acroread4, acroread5
FreeBSD Ports: axel
FreeBSD Ports: bogofilter
FreeBSD Ports: cacti
FreeBSD Ports: apache+mod_ssl

FreeBSD Ports: newspost

Take action and discover your vulnerabilities