Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0813 | 1 Infodrom | 1 Cfingerd | 2022-08-17 | 7.2 HIGH | N/A |
| Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | |||||
| CVE-1999-0259 | 1 Infodrom | 1 Cfingerd | 2022-08-17 | 5.0 MEDIUM | N/A |
| cfingerd lists all users on a system via search.**@target. | |||||
| CVE-2001-0609 | 1 Infodrom | 1 Cfingerd | 2017-12-18 | 10.0 HIGH | N/A |
| Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | |||||
| CVE-2001-0735 | 1 Infodrom | 1 Cfingerd | 2017-12-18 | 7.2 HIGH | N/A |
| Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | |||||
| CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||||