fingerd Remote Overflow

critical Nessus Plugin ID 17141


The finger service running on the remote host has a remote buffer overflow vulnerability.


Nessus was able to crash the remote finger daemon by sending a very long request. This is likely due to a buffer overflow. A remote attacker could potentially exploit this to execute arbitrary code.


Upgrade to the latest version of this finger daemon.

See Also

Plugin Details

Severity: Critical

ID: 17141

File Name: finger_overflow.nasl

Version: 1.20

Type: remote

Family: Misc.

Published: 2/18/2005

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 11/7/1988

Reference Information

BID: 2