cbcvebase.

Infodrom Cfingerd vulnerabilities

6 known vulnerabilities affecting infodrom/cfingerd.

Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2001-0609P3CRITICALCVSS 9.8PoC≤ 1.4.32001-08-02
CVE-2001-0609 [CRITICAL] CWE-193 CVE-2001-0609: Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
nvd
CVE-1999-0708P4HIGHCVSS 7.2PoCv1.4.21999-09-21
CVE-1999-0708 [HIGH] CVE-1999-0708: Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
nvd
CVE-2013-1049P3CRITICALCVSS 10.0≥ 0, < 1.4.3-3.12013-03-14
CVE-2013-1049 [CRITICAL] CVE-2013-1049: Buffer overflow in the RFC1413 (ident) client in cfingerd 1 Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.
osv
CVE-2001-0735P4HIGHCVSS 7.2PoCv1.4.1v1.4.2+1 more2001-10-18
CVE-2001-0735 [HIGH] CVE-2001-0735: Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows loca Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
nvdosv
CVE-1999-0813P4HIGHCVSS 7.2≤ 1.4.01999-08-10
CVE-1999-0813 [HIGH] CVE-1999-0813: Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program o Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
nvd
CVE-1999-0259P4MEDIUMCVSS 5.0v1.2.21997-05-23
CVE-1999-0259 [MEDIUM] CVE-1999-0259: cfingerd lists all users on a system via search.**@target. cfingerd lists all users on a system via search.**@target.
nvd
Infodrom Cfingerd vulnerabilities | cvebase