Bugtraq: Re: SunOS 4.1.4 fingerd

Re: SunOS 4.1.4 fingerd

From: Taner Halicioglu <taner_at_sdsc.edu>
Date: Fri, 17 May 1996 09:56:21 -0700

On Thu, 16 May 1996, Dave Dittrich wrote:

> The trick, as I learned it, was to use @@XXX.com on Ultrix systems.
> After a quick test, I notice that single letters and "." don't work on
> Ultrix, but any digit or "@" does. Go figure. Probably some Berkeley
> student had a hangover the day they coded finger?

Well, the normal finger program will finger @localhost if you specify
simply:

  finger @

so when you do, for example:

  finger @@foo.bar.com

foo.bar.com will receive the finger with the data "@" and then proceed to
finger itself (localhost). A simple denial of service attack is to do:

  finger @@@@@@@@@@@@@@@@@@[...]@@@foo.bar.com

You can imagine what this will cause... :-) A trivial fix is to look for
an '@' sign in the sent string (in in.fingerd) and deny the finger.

        -Taner
-------------------------=[ D. Taner Halicioglu ]=----------------------------
   taner_at_sdsc.edu The San Diego Supercomputer Center, Workstation Services
   taner_at_ucsd.edu U. of California, San Diego - Revelle - Computer Sci.
                      IRC Admin for irc.sdsc.edu/irc.ucsd.edu/irc.cerf.net
taner_at_mecca.epri.com EPRI - 3412 Hillview Ave, Palo Alto, CA
-------------=[ Linux 1.3.* OS - http://www.sdsc.edu/~taner/ ]=---------------
Received on May 17 1996
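
One way to write the check the message describes (look for '@' in the request string and deny it), as an added example that is not part of the original post or of any vendor's in.fingerd. The function name, the verdict enum and the sample request lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names for illustration; not from any real in.fingerd source. */
enum finger_verdict {
    FINGER_ALLOW,          /* plain local query, safe to answer */
    FINGER_DENY_FORWARD,   /* contains '@': client asks us to finger another host */
    FINGER_DENY_MALFORMED  /* no line terminator within the bytes read */
};

/*
 * Classify one request as read from the client socket.
 * buf need not be NUL-terminated; len is the number of bytes received.
 */
enum finger_verdict check_finger_request(const char *buf, size_t len)
{
    /* A finger request is a single line; refuse anything unterminated. */
    const char *eol = memchr(buf, '\n', len);
    if (eol == NULL)
        return FINGER_DENY_MALFORMED;

    /*
     * Scan the whole line with memchr rather than strchr, so an embedded
     * NUL byte cannot hide a later '@' from the check.
     */
    if (memchr(buf, '@', (size_t)(eol - buf)) != NULL)
        return FINGER_DENY_FORWARD;

    return FINGER_ALLOW;
}

int main(void)
{
    /* Constructed sample requests, as they would arrive on the wire. */
    static const char *samples[] = {
        "taner\r\n", "\r\n", "@\r\n", "@@foo.bar.com\r\n", "taner"
    };
    static const char *names[] = { "allow", "deny (forwarding)", "deny (malformed)" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum finger_verdict v = check_finger_request(samples[i], strlen(samples[i]));
        printf("%-2zu -> %s\n", i, names[v]);
    }
    return 0;
}
```

The daemon would call this on the bytes it read before doing any lookup and close the connection on either deny verdict.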
