CVE-2005-0101 - Ordainable Solutions

Description

Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.

Reference

http://people.freebsd.org/~niels/issues/newspost-20050114.txt http://www.vuxml.org/freebsd/7f13607b-6948-11d9-8937-00065be4b5b6.html http://security.gentoo.org/glsa/glsa-200502-05.xml http://secunia.com/advisories/14092/ http://www.securityfocus.com/bid/12418 http://securitytracker.com/id?1013056 http://secunia.com/advisories/14098 http://marc.info/?l=bugtraq&m=110746336728781&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/19178