CVE-1999-0813

Cfingerd with ALLOWEXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges...

cfingerd buffer overflow

Buffer overflow on request parsing...

Debian Security Advisory DSA 066-1 (cfingerd)

The remote host is missing an update to cfingerd announced via advisory DSA 066-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cfingerd 1.4 - Format String (2)

cfingerd 1.4 - Format String 2 // source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...

cfingerd 1.4 - Format String (1)

cfingerd 1.4 - Format String 1 source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...

cfingerd.txt

Date: Thu, 23 Jul 1998 23:48:21 -0500 From: John Goerzen Subject: CFINGERD root security hole SUMMARY ------- I have found out that cfingerd 1.3.2 contains a security hole that could lead to easy root compromise for any user that has an account on the local machine, but only if ALLOWEXECUTION is...