MidnightBSD

Advisories for slrn_development_team

CVE-2001-1035 HIGH

Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slrn_development_team slrn *
CVE-2002-0740 HIGH

Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slrn_development_team slrn 0.9.6.4
slrn_development_team slrn 0.9.6.3
slrn_development_team slrn 0.9.6.2