Cfingerd
by Infodrom
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0609 | Cri | 0.68 | 9.8 | 0.18 | Aug 2, 2001 | Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | ||
| CVE-2001-0735 | 0.03 | — | 0.02 | Oct 18, 2001 | Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | |||
| CVE-1999-0708 | 0.03 | — | 0.01 | Sep 21, 1999 | Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||
| CVE-1999-0813 | 0.00 | — | 0.00 | Aug 10, 1999 | Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | |||
| CVE-1999-0259 | 0.00 | — | 0.01 | May 23, 1997 | cfingerd lists all users on a system via search.**@target. |
- risk 0.68cvss 9.8epss 0.18
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
- CVE-2001-0735Oct 18, 2001risk 0.03cvss —epss 0.02
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
- CVE-1999-0708Sep 21, 1999risk 0.03cvss —epss 0.01
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
- CVE-1999-0813Aug 10, 1999risk 0.00cvss —epss 0.00
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
- CVE-1999-0259May 23, 1997risk 0.00cvss —epss 0.01
cfingerd lists all users on a system via search.**@target.