VYPR
Vendor

Infodrom

Products
2
CVEs
6
Across products
6
Status
Private

Products

2

Recent CVEs

6
  • CVE-2001-0609CriAug 2, 2001
    risk 0.68cvss 9.8epss 0.18

    Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.

  • CVE-2023-35067HigJul 25, 2023
    risk 0.49cvss 7.5epss 0.00

    Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.This issue affects E-Invoice Approval System: before v.20230701.

  • CVE-2001-0735Oct 18, 2001
    risk 0.03cvss epss 0.02

    Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.

  • CVE-1999-0708Sep 21, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.

  • CVE-1999-0813Aug 10, 1999
    risk 0.00cvss epss 0.00

    Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

  • CVE-1999-0259May 23, 1997
    risk 0.00cvss epss 0.01

    cfingerd lists all users on a system via search.**@target.