Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0735

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0735
Last Modified 05 Sep 2008 04:24:48
Published 18 Oct 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0735

Summary

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.

Vulnerable Systems

Application

  • Infodrom Cfingerd 1.4.1

  • Infodrom Cfingerd 1.4.2

  • Infodrom Cfingerd 1.4.3


References

XF - cfingerd-util-bo(6744)

BID - 2914

BUGTRAQ - 20010621 cfingerd local vulnerability (possibly root)

DEBIAN - DSA-066

BUGTRAQ - 20010711 Another exploit for cfingerd <= 1.4.3-8


Last Updated: 27 May 2016 10:36:22