GEN:SID 1:1792
Message NNTP return code buffer overflow attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in Mnews.
Impact Serious. Execution of arbitrary code is possible.
Detailed Information A buffer overflow condition exists in Mnews, an NNTP and mail client.
The overflow can be caused by a server sending enough data with a 200
response to overwrite stack memory and so present the attacker with the
oppotunity to execute code of their choosing.
Affected Systems FreeBSD 4.1
    FreeBSD 4.2
    FreeBSD 4.3
    FreeBSD 4.4
    FreeBSD 4.5
Attack Scenarios The attacker needs to send enough extra data with the 200 response from
a server to cause the overflow.
Ease of Attack Moderate.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0909

Bugtraq:
http://www.securityfocus.com/bid/4900
Rule References bugtraq: 4900
cve: 2002-0909