Vulnerability Name:

CVE-2001-0441 (CCN-6213)

Assigned:2001-03-09
Published:2001-03-09
Updated:2017-12-19
Summary:Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-01:37
slrn contains remotely-exploitable buffer overflow

Source: FREEBSD
Type: Patch, Vendor Advisory
FreeBSD-SA-01:37

Source: CCN
Type: Conectiva Linux Announcement CLSA-2001:383
Remote buffer overflow in slrn

Source: MITRE
Type: CNA
CVE-2001-0441

Source: CONECTIVA
Type: UNKNOWN
CLA-2001:383

Source: BUGTRAQ
Type: UNKNOWN
20010316 Immunix OS Security update for slrn

Source: CCN
Type: Immunix OS Security Advisory IMNX-2001-70-007-01
slrn

Source: CCN
Type: RHSA-2001-028
buffer overflow in slrn

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-040

Source: DEBIAN
Type: DSA-040
slrn -- buffer overflow

Source: MANDRAKE
Type: Patch, Vendor Advisory
MDKSA-2001:028

Source: CCN
Type: OSVDB ID: 13877
slrn News Reader Long Message Header Multiple Function Overflow

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2001:028

Source: BID
Type: UNKNOWN
2493

Source: CCN
Type: BID-2493
SLRN Long Header Buffer Overflow Vulnerability

Source: CCN
Type: MandrakeSoft Security Advisory MDKSA-2001:028
slrn

Source: XF
Type: UNKNOWN
slrn-wrapping-bo(6213)

Source: XF
Type: UNKNOWN
slrn-wrapping-bo(6213)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:debian:debian_linux:*:*:*:*:*:*:*:* (Version <= 2.2)
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:redhat:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    debian debian linux *
    mandrakesoft mandrake linux 6.0
    mandrakesoft mandrake linux 6.1
    mandrakesoft mandrake linux 7.0
    mandrakesoft mandrake linux 7.1
    mandrakesoft mandrake linux 7.2
    mandrakesoft mandrake linux corporate server 1.0.1
    redhat linux 6.2
    redhat linux 7.0
    redhat linux 6.0
    redhat linux 6.1
    redhat linux 6.2
    debian debian linux 2.2
    redhat linux 7
    freebsd freebsd 3.5.1
    freebsd freebsd 4.2
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3