Vulnerabilities > CVE-2002-2048 - Remote Security vulnerability in Michael Baumer Pfinger 0.7.8

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

michael-baumer

NVD

Published: 2002-12-31

Updated: 2016-10-18

Summary

Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Michael_Baumer Michael Baumer Pfinger 0.7.8	1

References

http://marc.info/?l=vuln-dev&m=102321152215055&w=2
http://www.iss.net/security_center/static/9269.php