CVE-2013-1049
cfingerd - buffer overflow
EPSS 1.6%
Description
Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.
How to fix CVE-2013-1049
To remediate CVE-2013-1049, upgrade the affected package to a fixed version below.
- Debian/cfingerd: upgrade to 1.4.3-3.1 or later
- Debian/cfingerd: upgrade to 1.4.3-3+squeeze1 or later
Is CVE-2013-1049 being exploited?
Low. The EPSS score is 1.6%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/cfingerd: from 0, < 1.4.3-3.1
- Debian/cfingerd: from 0, < 1.4.3-3+squeeze1