A buffer overflow has been discovered in a portion of the control message handling code introduced in INN 2.4.0. It is likely that this overflow could be remotely exploited to gain access to the user innd runs as. INN versions 2.3.x and below are not affected.
9befdf456af553054592d9d0d38512343a4fd2cc6e31c329cb87acae468e35eb