Bugtraq mailing list archives
Re: Another exploit for cfingerd <= 1.4.3-8
From: Phil Stracchino <alaric () babcom com>
Date: Wed, 11 Jul 2001 17:06:21 -0700
On Wed, Jul 11, 2001 at 08:19:19PM +0200, teleh0r wrote:
This is another exploit for the flaw found by Steven Van Acker. http://www.securityfocus.com/archive/1/192844
<snip>
Tested against cfingerd 1.4.3-8.
Does anyone know whether cfingerd is actually being maintained any more, or whether it has been abandoned? The authors appear unresponsive, and no "official" patch has been released that I am aware of. The one unofficial patch I've seen is incomplete, and does not declare the additional variables it uses. -- Linux Now! ..........Because friends don't let friends use Microsoft. phil stracchino -- the renaissance man -- mystic zen biker geek alaric () babcom com halmayne () sourceforge net 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)
Current thread:
- Another exploit for cfingerd <= 1.4.3-8 teleh0r (Jul 11)
- Re: Another exploit for cfingerd <= 1.4.3-8 Phil Stracchino (Jul 12)