Bugtraq: Re: [sa2c () and or jp: bin/21704: enabling fingerd makes files world readable]

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [sa2c () and or jp: bin/21704: enabling fingerd makes files world readable]

From: Warner Losh <imp () VILLAGE ORG>
Date: Wed, 4 Oct 2000 11:36:40 -0600

In message <20001003201812.K6009 () riget scene pl> Przemyslaw Frasunek writes:
: BTW. Problem persists only in 4.x branch. Of course, it allows also
: to traverse directory structures:

The problem was fixed in the 4.x branch:

revision 1.15.2.4
date: 2000/10/02 22:28:46;  author: brian;  state: Exp;  lines: +11 -1
MFC: Don't allow finger /somefile, only allow filname expansions from
     inside /etc/finger.conf

Warner

By Date By Thread

Current thread:

[sa2c () and or jp: bin/21704: enabling fingerd makes files world readable] Przemyslaw Frasunek (Oct 02)
- Re: [sa2c () and or jp: bin/21704: enabling fingerd makes files world readable] Przemyslaw Frasunek (Oct 04)
- Re: [sa2c () and or jp: bin/21704: enabling fingerd makes files world readable] Warner Losh (Oct 04)