Fake Identd Client Query Remote Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running Fake Identd server and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attackers to cause buffer overflow condition or execute arbitrary code on the system with root privileges. Impact Level: System/Application

Solution

Upgrade to Fake Identd version 1.5 or later, For updates refer to http://freecode.com/projects/fakeidentd?topic_id=150

Insight

The identd server fails to handle a specially crafted long request that is split into multiple packets, which allows remote attackers to cause a buffer overflow.

Affected

Tomi Ollila Fake Identd version 0.9 through 1.4

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0370.html
http://www.osvdb.org/37815
http://xforce.iss.net/xforce/xfdb/9731

Updated on 2015-03-25

Severity

Classification

CVE CVE-2002-1792
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
ChaSen Buffer Overflow Vulnerability (Linux)
Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability
Adobe Flash Player Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities