Re: Another exploit for cfingerd <= 1.4.3-8

From: Phil Stracchino (alaricat_private)
Date: Wed Jul 11 2001 - 17:06:21 PDT

Next message: Kris Kennaway: "Re: FreeBSD 4.3 local root, yet Linux and *BSD much better than Windows"

Previous message: Jonah Kowall: "Cold Fusion Vulnerability Patch Released"
In reply to: teleh0r: "Another exploit for cfingerd <= 1.4.3-8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 11, 2001 at 08:19:19PM +0200, teleh0r wrote:
> This is another exploit for the flaw found by Steven Van Acker.
> http://www.securityfocus.com/archive/1/192844

<snip>

> Tested against cfingerd 1.4.3-8.

Does anyone know whether cfingerd is actually being maintained any more,
or whether it has been abandoned?  The authors appear unresponsive, and no
"official" patch has been released that I am aware of.  The one unofficial
patch I've seen is incomplete, and does not declare the additional
variables it uses.

-- 
 Linux Now!   ..........Because friends don't let friends use Microsoft.
 phil stracchino   --   the renaissance man   --   mystic zen biker geek
        alaricat_private                halmayneat_private
   2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)

Next message: Kris Kennaway: "Re: FreeBSD 4.3 local root, yet Linux and *BSD much better than Windows"
Previous message: Jonah Kowall: "Cold Fusion Vulnerability Patch Released"
In reply to: teleh0r: "Another exploit for cfingerd <= 1.4.3-8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 12 2001 - 00:02:18 PDT