CVE-2001-0735

Infodrom Cfingerd - Buffer Overflow

Title source: rule

Description

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Megyer Laszlo · clocalunix

https://www.exploit-db.com/exploits/20963

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by qitest1 · clocalunix

https://www.exploit-db.com/exploits/20964

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by teleh0r · perllocalunix

https://www.exploit-db.com/exploits/20962

View Code ZIP pw:eip

References (5)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/2914

[Patch, Vendor Advisory] http://www.debian.org/security/2001/dsa-066

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6744

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/01071120191900.00788%40localhost.localdomain

[Patch, Vendor Advisory] http://www.securityfocus.com/archive/1/192844

Scores

EPSS 0.0046

EPSS Percentile 64.4%

Details

Status published

Products (3)

infodrom/cfingerd 1.4.1

infodrom/cfingerd 1.4.2

infodrom/cfingerd 1.4.3

Published Oct 18, 2001

Tracked Since Feb 18, 2026