CVE-2013-1049

EUVD-2013-1089
Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
debiancfingerd
1.4.3-3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cfingerd
bookworm
1.4.3-7
fixed
bullseye
1.4.3-5
fixed
sid
1.4.3-8
fixed
trixie
1.4.3-8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cfingerd
hardy
not-affected
lucid
not-affected
oneiric
Fixed 1.4.3-3ubuntu1.11.10.1
released
precise
Fixed 1.4.3-3ubuntu1.12.04.1
released
quantal
Fixed 1.4.3-3ubuntu1.12.10.1
released
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700098
http://osvdb.org/90747
http://www.debian.org/security/2013/dsa-2635
https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700098
http://osvdb.org/90747
http://www.debian.org/security/2013/dsa-2635
https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425