<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: SunOS 4.1.4 fingerd

Re: SunOS 4.1.4 fingerd

From: Steve Coleman - SEWP <scoleman_at_sewp.nasa.gov>
Date: Fri, 17 May 1996 12:08:01 -0400

Excerpts from what Niko Makila said:

|But, actually I recall that this was originally a feature: you could
|finger people by their room number (or was that phone?), too. Seeing
|that this probably never worked except in Berkeley, it's amazing that
|that piece of code was never removed. Oh well, maybe it isn't that
|amazing after all...
|
| //niko

I believe that the feature was to scan the login name field and if a match
was not found to scan the gecos field for any partial information it could
match on. Is it possible that the '.' and '@' are just forms of a regular
expression or wildcard matching? If so then how many other wildcards are
there to grep the password file?

Steve Coleman -- scoleman_at_sewp.nasa.gov
vox: 301.286.7636 fax: 301.286.1619
Received on May 17 1996

This message: [ Message body ]
Next message: bitblt_at_bitblt.resnet.cornell.edu: "Re: SunOS 4.1.4 fingerd"
Previous message: Krzysztof Labanowski: "BoS: SECURITY BUG in FreeBSD"
In reply to: Niko Makila: "Re: SunOS 4.1.4 fingerd"
Next in thread: bitblt_at_bitblt.resnet.cornell.edu: "Re: SunOS 4.1.4 fingerd"
Reply: bitblt_at_bitblt.resnet.cornell.edu: "Re: SunOS 4.1.4 fingerd"
Reply: Yiorgos Adamopoulos: "Re: SunOS 4.1.4 fingerd"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos