CVE-2002-2048 Information

Description

Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program (2) -l (3) -d and (4) -t options. NOTE: if PFinger is not setuid or setgid then this issue would not cross privilege boundaries and would not be considered a vulnerability.

Reference

http://marc.info/?l=vuln-dev&m=102321152215055&w=2 http://www.iss.net/security_center/static/9269.php