Detections
Analytics

Debian DSA-049-1 : cfingerd

critical Nessus Plugin ID 14886

Synopsis

The remote Debian host is missing a security-related update.

Description

Megyer Laszlo report on Bugtraq that the cfingerd daemon as distributed with Debian GNU/Linux 2.2 was not careful in its logging code. By combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could be exploited by a remote user. Since cfingerd does not drop its root privileges until after it has determined which user to finger an attacker can gain root privileges.

Solution

This has been fixed in version 1.4.1-1.1, and we recommend that you upgrade your cfingerd package immediately.

Note: this advisory was previously posted as DSA-048-1 by mistake.

See Also

http://www.debian.org/security/2001/dsa-049

Plugin Details

Severity: Critical

ID: 14886

File Name: debian_DSA-049.nasl

Version: 1.19

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:2.2, p-cpe:/a:debian:debian_linux:cfingerd

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/19/2001

Reference Information

CVE: CVE-2001-0609

BID: 2576

DSA: 049