Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:1538 |
Message | NNTP AUTHINFO USER overflow attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in the Cassandra NNTP server. |
Impact | Denial of Service (DoS) |
Detailed Information | A vulnerability exists in the Cassandra NNTP server for Windows such that an unusually long login name will cause a DoS condition to occur. This is due to an unchecked buffer in the code that handles login attempts. A login name that exceeds 10 000 characters will trigger the overflow. |
Affected Systems | Atrium Software Cassandra NNTP Server 1.10 |
Attack Scenarios | An attacker needs to supply a login username containing 10 000 or more characters to cause the DoS. |
Ease of Attack | Simple. No exploit software is required. |
Corrective Action | Upgrade to the latest non-affected version of the software. |
Additional References | Bugtraq: http://www.securityfocus.com/bid/1156 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0341 |
Rule References | arachnids: 274 bugtraq: 1156 cve: 2000-0341 nessus: 10388 |
--
DID:611260
--
http://www.aanval.com/