CVE-2002-0525

INN <= 2.2.3 - Format String Vulnerability via NNTP Response

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0525. PoCs published by Paul Starzetz.

AI-analyzed exploit summary: The provided text describes a vulnerability in ISC INN's inews and rnews components, which are susceptible to local format string attacks. These binaries may be installed with elevated privileges (suid root or sgid news), potentially allowing local privilege escalation.

Description

Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NNTP responses.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Paul Starzetz · text · local · linux
https://www.exploit-db.com/exploits/21375

Classification: Writeup 90%
Attack Type: LPE
Complexity: Moderate
Reliability: Theoretical
Target: ISC Internet News (INN) inews and rnews
No auth needed
Prerequisites: Local access to the system · Presence of vulnerable inews or rnews binaries with suid/sgid permissions
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4501
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8834.php
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0140.html

Scores

EPSS 0.0412
EPSS Percentile 89.5%

Details

Status published
Products (6)
isc/inn 2.0
isc/inn 2.1
isc/inn 2.2
isc/inn 2.2.1
isc/inn 2.2.2
isc/inn 2.2.3
Published Aug 12, 2002
Tracked Since Feb 18, 2026