Detections
Analytics
cfingerd < 1.4.4 Multiple Vulnerabilities
critical Nessus Network Monitor Plugin ID 1279
Synopsis
The remote host is vulnerable to multiple issuesDescription
The remote cfinger server is vulnerable to a format string attack that may allow an attacker execute arbitrary command on this host. In addition, cfingerd has been found to be vulnerable to privilege escalation and overflow attacks.Solution
Upgrade to cfingerd 1.4.4 or later.See Also
http://archives.neohapsis.com/archives/bugtraq/1999-q3/1007.html
http://archives.neohapsis.com/archives/vendor/2001-q2/0009.html
Plugin Details
Severity: Critical
ID: 1279
Family: Finger
Published: 8/20/2004
Updated: 3/6/2019
Nessus ID: 10652
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:infodrom:cfingerd