Vulnerabilities > CVE-2004-0408 - Remote Buffer Overflow vulnerability in Michael Bacarella IDent2 Daemon Child_Service

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
michael-bacarella
nessus
NVD
Published: 2004-09-28
Updated: 2017-07-11

Summary

Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.

Vulnerable Configurations

Part Description Count
Application
Michael_Bacarella
4

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_992302778FB411D88B290020ED76EF5A.NASL
    descriptionJack of RaptureSecurity reported a double byte buffer overflow in ident2. The bug may allow a remote attacker to execute arbitrary code within the context of the ident2 daemon. The daemon typically runs as user-ID `nobody
    last seen2020-06-01
    modified2020-06-02
    plugin id36517
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36517
    titleFreeBSD : ident2 double byte buffer overflow (99230277-8fb4-11d8-8b29-0020ed76ef5a)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_IDENT2_104.NASL
    descriptionThe following package needs to be updated: ident2
    last seen2016-09-26
    modified2004-07-06
    plugin id12553
    published2004-07-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=12553
    titleFreeBSD : ident2 double byte buffer overflow (72)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-494.NASL
    descriptionJack <> discovered a buffer overflow in ident2, an implementation of the ident protocol (RFC1413), where a buffer in the child_service function was slightly too small to hold all of the data which could be written into it. This vulnerability could be exploited by a remote attacker to execute arbitrary code with the privileges of the ident2 daemon (by default, the
    last seen2020-06-01
    modified2020-06-02
    plugin id15331
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15331
    titleDebian DSA-494-1 : ident2 - buffer overflow

References