Bugtraq: Re: SunOS 4.1.4 fingerd

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: SunOS 4.1.4 fingerd

From: dittrich () cac washington edu (Dave Dittrich)
Date: Thu, 16 May 1996 13:04:07 -0700


On Thu, 16 May 1996, Andy Dills wrote:

I know I have seen it written up someplace about the flaw when
finger 0 () XXX com is done. (It shows a finger output on every user, which
as we know, can be a very useful tool to those with bad intentions)
...
Anyway, I have found that fingering . () XXX com also yeilds the same result.


The trick, as I learned it, was to use @@XXX.com on Ultrix systems.
After a quick test, I notice that single letters and "." don't work on
Ultrix, but any digit or "@" does.  Go figure.  Probably some Berkeley
student had a hangover the day they coded finger?

Thus, we just added a user 0 (zero). Problem fixed.


Looks like you'll have to add a few more users! ;)

--
Dave Dittrich                  Client Services, Computing & Communications
dittrich () cac washington edu    University of Washington

<a href="http://www.washington.edu/People/dad/";>
Dave Dittrich / dittrich () cac washington edu</a>

By Date By Thread

Current thread:

Re: BoS: SECURITY BUG in FreeBSD, (continued)
- Re: TCP SYN probe detection tool available redeye () compulink gr (May 15)
  - Re: TCP SYN probe detection tool available Casper Dik (May 16)
    - SunOS 4.1.4 fingerd Andy Dills (May 16)
    - Re: SunOS 4.1.4 fingerd Dave Dittrich (May 16)
    - Re: fingerd problems Elliot Lee (May 16)
    - Re: fingerd problems Jon Lewis (May 16)
    - Re: fingerd problems Brian Mitchell (May 16)
    - Re: fingerd problems Robert A. Pickering Jr. (May 17)
    - Re: SunOS 4.1.4 fingerd Kevin at Paranoia (May 16)