Vulnerabilities > CVE-2002-0423 - Unspecified vulnerability in Efingerd 1.3/1.6.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-03/0050.html
- http://archives.neohapsis.com/archives/bugtraq/2002-03/0050.html
- http://melkor.dnp.fmph.uniba.sk/~garabik/efingerd/efingerd_1.5.tar.gz
- http://melkor.dnp.fmph.uniba.sk/~garabik/efingerd/efingerd_1.5.tar.gz
- http://www.iss.net/security_center/static/8380.php
- http://www.iss.net/security_center/static/8380.php
- http://www.securityfocus.com/bid/4239
- http://www.securityfocus.com/bid/4239