Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/6744
http://www.securityfocus.com/archive/1/192844
http://www.securityfocus.com/archive/1/01071120191900.00788%40localhost.localdomain