CVE-2016-20042
Received Received - Intake

Stack Buffer Overflow in TRN 3.6-23 Enables Local Code Execution

Vulnerability report for CVE-2016-20042, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-28

Last updated on: 2026-03-28

Assigner: VulnCheck

Description

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-28
Last Modified
2026-03-28
Generated
2026-07-06
AI Q&A
2026-03-28
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2016-20042 is a stack buffer overflow vulnerability in the Threaded USENET News Reader (trn) version 3.6-23 on Linux systems.

This vulnerability occurs when a local attacker supplies an oversized command-line argumentβ€”specifically, a crafted input containing 156 bytes of padding followed by a return addressβ€”that overflows a fixed-size buffer on the stack.

By overflowing the buffer, the attacker overwrites the saved return address (instruction pointer) on the stack, redirecting execution flow to attacker-supplied shellcode.

This allows the attacker to execute arbitrary code with the privileges of the user running the application.

Impact Analysis

This vulnerability allows a local attacker to execute arbitrary code on the affected system with the same privileges as the user running the trn application.

The impact includes full compromise of confidentiality, integrity, and availability of the system or data accessible to that user.

Since the attacker can run arbitrary shellcode, they could potentially install malware, steal sensitive information, modify or delete data, or disrupt system operations.

Detection Guidance

This vulnerability is a local stack buffer overflow in the trn 3.6-23 application, triggered by supplying an oversized command-line argument. Detection involves checking if the vulnerable version of trn is installed and monitoring for execution attempts with unusually long arguments.

One way to detect exploitation attempts is to look for trn processes started with arguments of 156 or more bytes, especially those containing repetitive characters or suspicious patterns.

Example commands to detect potentially malicious usage include:

  • Use process monitoring tools like `ps` or `pgrep` combined with argument length checks, e.g.: `ps aux | grep trn | grep -E '.{156,}'` to find trn processes with long arguments.
  • Use system auditing tools like `auditd` to log executions of trn and inspect command-line arguments for oversized inputs.
  • Run the vulnerable trn binary under a debugger (gdb) with crafted input strings (e.g., 156 'A's followed by 'DCBA') to observe segmentation faults and overwritten instruction pointers, as demonstrated in the exploit.
Mitigation Strategies

Immediate mitigation steps include preventing local attackers from executing the vulnerable trn 3.6-23 binary with crafted oversized arguments.

  • Restrict access to the trn binary by limiting execution permissions to trusted users only.
  • Remove or disable the vulnerable version of trn if it is not required.
  • Apply any available patches or upgrade to a fixed version of trn that addresses the stack buffer overflow.
  • Monitor system logs and audit records for suspicious trn executions with oversized arguments.
Compliance Impact

The vulnerability allows local attackers to execute arbitrary code with user privileges, which can lead to unauthorized access and potential compromise of confidentiality, integrity, and availability of data.

Such a compromise could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

However, the provided context and resources do not explicitly discuss or analyze the impact of this vulnerability on compliance with these or other common standards and regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2016-20042. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart