Vulnerabilities > Efingerd
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0424 | Unspecified vulnerability in Efingerd 1.3/1.6.1 efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger. | 4.6 |
2002-08-12 | CVE-2002-0423 | Buffer Overflow vulnerability in EFingerD Reverse Resolver Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup. | 10.0 |