GCVE - cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*

part: a version: 1.4unoff3 update: *

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Inn (`74c14673-8aca-5c91-8d41-09c2f9470db6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-3523`	vulnerable	2026-06-03 14:31:58.898242	Details available The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Published: 2012-11-11T11:00:00.000Z Updated: 2024-08-06T20:05:12.721Z Open on db.gcve.eu Reference links http://www.mandriva.com/security/advisories?name=MDVSA-2012:156 http://secunia.com/advisories/50661 http://lists.opensuse.org/opensuse-updates/2012-09/msg00058.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0360`	vulnerable	2026-06-03 14:25:42.993352	Details available Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:14:21.453Z Open on db.gcve.eu Reference links http://www.novell.com/linux/security/advisories/suse_security_announce_34.html ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-038.0.txt http://www.securityfocus.com/bid/1249	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0247`	vulnerable	2026-06-03 14:25:41.121890	Details available Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-01T16:34:51.632Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/1443 http://www.nai.com/nai_labs/asp_set/advisory/17_inn_avd.asp	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0043`	vulnerable	2026-06-03 14:25:40.840232	Details available Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. Published: 1999-09-29T04:00:00.000Z Updated: 2024-08-01T20:03:35.981Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.