Cfingerd
Sign in to watchby Infodrom
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2001-0609 | Cri | 0.67 | 9.8 | 0.10 | Aug 2, 2001 | Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | |
| CVE-2001-0735 | 0.03 | — | 0.00 | Oct 18, 2001 | Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | ||
| CVE-1999-0708 | 0.03 | — | 0.00 | Sep 21, 1999 | Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | ||
| CVE-1999-0813 | 0.00 | — | 0.00 | Aug 10, 1999 | Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | ||
| CVE-1999-0259 | 0.00 | — | 0.01 | May 23, 1997 | cfingerd lists all users on a system via search.**@target. |