[] NeoSense
E X P L O I T S
title author type platform port cve id

ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilities

Author: Paul Starzetz
type: local
platform: linux
port: 
date_added: 2002-04-11 
date_updated: 2012-09-23 
verified: 1 
codes: CVE-2002-0525;OSVDB-6873 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/4501/info

The Internet Software Consortium (ISC) Internet News (INN) project is a powerful, mature implementation of a usenet system, including a NNTP server and a newsreading server. It is available for a wide range of Unix based systems, including Linux.

Multiple vulnerabilities have been reported in two components of INN, inews and rnews. Reportedly, both are vulnerable to locally exploitable format string problems. Under some systems these binaries may be installed suid root or sgid news, allowing a local attacker to gain elevated privileges.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21375.tar.gz
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.