Lucene search
K

92 matches found

Tenable Nessus
Tenable Nessus
added 2001/04/16 12:0 a.m.24 views

cfingerd Version Detection

Nessus was able to detect the version of cfingerd running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10651; scriptversion "1.13"; scriptnameenglish:"cfingerd Version Detection"; scriptsummaryenglish:"cfingerd version"; scriptsetattribute...

5.4AI score
Exploits0
exploitpack
exploitpack
added 2001/04/16 12:0 a.m.22 views

cfingerd 1.4 - Format String (2)

cfingerd 1.4 - Format String 2 // source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/04/16 12:0 a.m.32 views

cfingerd < 1.4.4 Multiple Vulnerabilities

The version of cfingerd running on the remote host has multiple vulnerabilities, including : - A local buffer overflow in the GECOS field, which can be used to escalate privileges. - A format string vulnerability, triggered by a malformed ident reply. This can be used to execute arbitrary code. -...

10CVSS6.2AI score0.18235EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2001/04/16 12:0 a.m.28 views

cfingerd 1.4 - Format String (2)

// source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of users of the service. If an...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/04/13 12:0 a.m.108 views

CFINGERD remote vulnerability

Hi Following the recent habits, I break the advisory into 4 parts: OVERVIEW: --------- There is a critical bug in cfingerd daemon = 1.4.3, a classic format bug that makes possible to acquire full control over the remote machine if it runs the cfingerd program, the configurable and secure finger...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2001/04/13 12:0 a.m.50 views

Серьезная дырка в cfingerd &#40;format string&#41;

Уязвимость форматной строки...

0.8AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2001/04/11 12:0 a.m.9 views

cfingerd 1.4 - Format String (1)

cfingerd 1.4 - Format String 1 source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/04/11 12:0 a.m.36 views

cfingerd 1.4 - Format String (1)

source: https://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd "Configurable Finger Daemon" allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of users of the service. If an...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2000/04/18 4:0 a.m.18 views

CVE-1999-0813

Cfingerd with ALLOWEXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges...

6.6AI score0.00471EPSS
Exploits0References1
CVE
CVE
added 2000/04/18 4:0 a.m.48 views

CVE-1999-0813

Cfingerd (with ALLOW_EXECUTION enabled) is vulnerable: it does not properly drop privileges when executing a program on behalf of a user, allowing local users to gain root privileges. Affected component: Cfingerd; underlying cause is improper privilege handling during exec. Exploitation details a...

7.2CVSS7AI score0.00471EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.18 views

CVE-1999-0243

Linux cfingerd could be exploited to gain root access...

9.6AI score0.01603EPSS
Exploits0References1
CVE
CVE
added 2000/02/04 5:0 a.m.49 views

CVE-1999-0243

CVE-1999-0243 affects cfingerd on Linux (notably cfingerd versions older than 1.4.4). Public docs describe multiple local vulnerabilities, including a local buffer overflow in the GECOS field and a format-string vulnerability triggered by a malformed ident reply, both enabling potential privilege...

10CVSS9.6AI score0.01603EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/01/18 5:0 a.m.17 views

CVE-1999-0259

cfingerd lists all users on a system via search.@target...

6.6AI score0.01403EPSS
Exploits0References1
CVE
CVE
added 2000/01/18 5:0 a.m.56 views

CVE-1999-0708

CVE-1999-0708 describes a local buffer overflow in cfingerd's GECOS field that allows a local user to gain root privileges. The vulnerability affects cfingerd prior to version 1.4.4 (as reflected in multiple scanners and advisories), with the overflow enabling privilege escalation without requiri...

7.2CVSS9.1AI score0.00818EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2000/01/18 5:0 a.m.77 views

CVE-1999-0259

CVE-1999-0259 describes an information-disclosure vulnerability in cfingerd where a remote attacker can list system users by issuing a finger search (finger search.*@target). The affected component is cfingerd; the underlying root cause is a bug in the search handling that exposes user lists. Doc...

5CVSS6.7AI score0.01403EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/01/18 5:0 a.m.19 views

CVE-1999-0708

Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field...

9.1AI score0.00818EPSS
Exploits0References1
Packet Storm
Packet Storm
added 1999/09/28 12:0 a.m.36 views

cfingerd_bof.txt

-----BEGIN PGP SIGNED MESSAGE----- Babcia Padlina Ltd. Security Advisory BP-9909:00 Synopsis: Cfingerd is vulnerable to local buffer overflow attack. Vulnerable versions: Cfingerd 1.4.2 and earlier installed on systems which doesn't limit gecos length. Description: By setting carefully designed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/22 12:0 a.m.28 views

cfingerd_bug.txt

Subject: Severe bug in cfingerd before 1.4.0 To: [email protected] Severe bug in cfingerd before 1.ems Content-Type: text/plain; charset=us-ascii PGP Signature Status: unknown Signer: Unknown, Key ID xAE8F7CF5 Signed: 8/10/99 11:34:37 AM Verified: 9/21/99 7:41:23 PM BEGIN PGP VERIFIED...

7.4AI score
Exploits0
NVD
NVD
added 1999/09/21 4:0 a.m.15 views

CVE-1999-0708

Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field...

7.2CVSS6.8AI score0.00818EPSS
Exploits0References1
Packet Storm
Packet Storm
added 1999/09/21 12:0 a.m.25 views

remote_bof_cfingerd.txt

Subject: cfingerd 1.3.2 To: [email protected] Hi, there is a remote buffer over flow in cfingerd 1.3.2 in searchfake: int searchfakechar username char parsed80; bzeroparsed, 80; sscanfusername, "%^..%^\r\n\r\n", parsed; ... called from processusername, that is called from main: int mainint arg...

Exploits0
Rows per page
Query Builder