CVE-2013-1049

Publication date 14 March 2013

Last updated 24 July 2024

Ubuntu priority

Description

Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
cfingerd	12.10 quantal	Fixed 1.4.3-3ubuntu1.12.10.1
	12.04 LTS precise	Fixed 1.4.3-3ubuntu1.12.04.1
	11.10 oneiric	Fixed 1.4.3-3ubuntu1.11.10.1
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not affected

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
cfingerd	Other: https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425/+attachment/3499046/+files/cfingerd.patch

References

MITRE
NVD
Launchpad
Debian

Other references

https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425
https://www.cve.org/CVERecord?id=CVE-2013-1049