CVE-1999-0243

Linux cfingerd could be exploited to gain root access...

EUVD-1999-0243

Malware in sbrugna...

DEBIAN-CVE-2013-1049

Buffer overflow in the RFC1413 ident client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service crash and possibly execute arbitrary code via a crafted response...

CVE-2013-1049

Buffer overflow in the RFC1413 ident client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service crash and possibly execute arbitrary code via a crafted response...

CVE-2001-0735

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOWLINEPARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file...

CVE-2001-0735

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOWLINEPARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file...

cfingerd 1.4.11.4.21.4.3 Utilities - Local Buffer Overflow (3)

cfingerd 1.4.11.4.21.4.3 Utilities - Local Buffer Overflow 3 // source: https://www.securityfocus.com/bid/2914/info cfingerd is a secure implementation of the finger daemon. cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team. A buffer overflow in...

cfingerd local vulnerability (possibly root)

Hi, I sent this mail 2 weeks ago, but still didn't receive a reply. Neither did the cfingerd authors change anything on their site http://www.infodrom.ffis.de/projects/cfingerd/. So I will do my duty and report this on bugtraq. I didn't check versions prior to cfingerd 1.4.3, but I suppose they a...

cfingerd 1.4 - Format String (2)

// source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of users of the service. If an...

CVE-1999-0243

Linux cfingerd could be exploited to gain root access...

CVE-1999-0708

Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field...

CVE-1999-0259

cfingerd lists all users on a system via search.@target...

cfingerd_bof.txt

-----BEGIN PGP SIGNED MESSAGE----- Babcia Padlina Ltd. Security Advisory BP-9909:00 Synopsis: Cfingerd is vulnerable to local buffer overflow attack. Vulnerable versions: Cfingerd 1.4.2 and earlier installed on systems which doesn't limit gecos length. Description: By setting carefully designed...

CVE-1999-0708

Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field...

remote_bof_cfingerd.txt

Subject: cfingerd 1.3.2 To: [email protected] Hi, there is a remote buffer over flow in cfingerd 1.3.2 in searchfake: int searchfakechar username char parsed80; bzeroparsed, 80; sscanfusername, "%^..%^\r\n\r\n", parsed; ... called from processusername, that is called from main: int mainint arg...

Martin Schulze Cfingerd 1.4.2 - GECOS Buffer Overflow

// source: https://www.securityfocus.com/bid/651/info Under systems that allow the user to change his GECOS field from the password file and do not limit its length cfingerd is vulnerable to a local root or nobody buffer overflow. By setting a carefully designed GECOS field it is possible to...

CVE-1999-0813

Cfingerd with ALLOWEXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges...

cfingerd Wildcard Argument Information Disclosure

The remote host is running 'cfingerd', a finger daemon. There is a bug in the remote cfinger daemon that allows a remote attacker to get the lists of the users of this system when issuing the command : finger search.@victim This information can be used by a remote attacker to mount further attack...

CVE-1999-0243

Linux cfingerd could be exploited to gain root access...

CVE-1999-0259

cfingerd lists all users on a system via search.@target...