Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2001-0735

Published: 18/10/2001 Updated: 07/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 735
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Infodrom

Vulnerability Summary

Buffer overflow in cfingerd 1.4.3 and previous versions with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.

Vulnerable Product Search on Vulmon Subscribe to Product

infodrom cfingerd 1.4.3

infodrom cfingerd 1.4.1

infodrom cfingerd 1.4.2

Vendor Advisories

Debian Security Advisories: DSA-066-1 cfingerd -- remote exploit
Steven van Acker reported on bugtraq that the version of cfingerd (a configurable finger daemon) as distributed in Debian GNU/Linux 22 suffers from two problems: The code that reads configuration files (files in which $ commands are expanded) copied its input to a buffer without checking for a buffer overflow When the ALLOW_LINE_PARSING fe ...

Exploits

Exploit DB: cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (3)
source: wwwsecurityfocuscom/bid/2914/info cfingerd is a secure implementation of the finger daemon cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team A buffer overflow in cfingerd makes it possible for a local user to gain elevated privileges Due to insufficient validation of input ...
Exploit DB: cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (2)
source: wwwsecurityfocuscom/bid/2914/info cfingerd is a secure implementation of the finger daemon cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team A buffer overflow in cfingerd makes it possible for a local user to gain elevated privileges Due to insufficient validation of input, ...
Exploit DB: cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (1)
source: wwwsecurityfocuscom/bid/2914/info cfingerd is a secure implementation of the finger daemon cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team A buffer overflow in cfingerd makes it possible for a local user to gain elevated privileges Due to insufficient validation of input, a ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/archive/1/192844http://www.debian.org/security/2001/dsa-066http://www.securityfocus.com/bid/2914https://exchange.xforce.ibmcloud.com/vulnerabilities/6744http://www.securityfocus.com/archive/1/01071120191900.00788%40localhost.localdomainhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-066https://www.exploit-db.com/exploits/20964/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook