Vulnerabilities > CVE-2001-0735 - Unspecified vulnerability in Infodrom Cfingerd 1.4.1/1.4.2/1.4.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability (2). CVE-2001-0735. Local exploit for unix platform id EDB-ID:20963 last seen 2016-02-02 modified 2001-07-11 published 2001-07-11 reporter Megyer Laszlo source https://www.exploit-db.com/download/20963/ title cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability 2 description cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability (3). CVE-2001-0735. Local exploit for unix platform id EDB-ID:20964 last seen 2016-02-02 modified 2001-07-10 published 2001-07-10 reporter qitest1 source https://www.exploit-db.com/download/20964/ title cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability 3 description cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability (1). CVE-2001-0735. Local exploit for unix platform id EDB-ID:20962 last seen 2016-02-02 modified 2001-06-21 published 2001-06-21 reporter teleh0r source https://www.exploit-db.com/download/20962/ title cfingerd 1.4.1/1.4.2/1.4.3 Utilities Buffer Overflow Vulnerability 1
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-066.NASL |
description | Steven van Acker reported on bugtraq that the version of cfingerd (a configurable finger daemon) as distributed in Debian GNU/Linux 2.2 suffers from two problems : - The code that reads configuration files (files in which $ commands are expanded) copied its input to a buffer without checking for a buffer overflow. When the ALLOW_LINE_PARSING feature is enabled that code is used for reading users |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14903 |
published | 2004-09-29 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14903 |
title | Debian DSA-066-1 : cfingerd - remote exploit |
code |
|