Home page logo

bugtraq logo Bugtraq mailing list archives

Re: fingerd problems
From: jlewis () inorganic5 fdt net (Jon Lewis)
Date: Fri, 17 May 1996 00:16:22 -0400

On Thu, 16 May 1996, Elliot Lee wrote:

[ list of ways to list all the users on a system using fingerd ]

Another vulnerability of many finger daemons is their ability to support
'chain' fingers. If they are passed a "username" in the form of
'user () ahost net' the finger daemon will repeat the finger, effectively
hiding the tracks of anyone trying to scope out your system security.

This can also be used for primitive finger attacks (I know you could
easily do much nastier things) like
finger @theirhost.theirnet () theirhost theirnet@theirhost.theirnet....
which can be used to spawn off alot of in.fingerds.

Many Linux distributions, Solaris 2.5, and IRIX 5.3 come with these holes.
Probably alot of others do too.

 Jon Lewis                      |  Mime attachments are OK
 jlewis () inorganic5 fdt net      |  But please ask before sending
 http://inorganic5.fdt.net      |  unsolicited huge files.
________Finger jlewis () inorganic5 fdt net for PGP public key_______

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]