Bugtraq mailing list archives

Re: fingerd problems

From: jlewis () inorganic5 fdt net (Jon Lewis)
Date: Fri, 17 May 1996 00:16:22 -0400


On Thu, 16 May 1996, Elliot Lee wrote:

[ list of ways to list all the users on a system using fingerd ]


Another vulnerability of many finger daemons is their ability to support
'chain' fingers. If they are passed a "username" in the form of
'user () ahost net' the finger daemon will repeat the finger, effectively
hiding the tracks of anyone trying to scope out your system security.


This can also be used for primitive finger attacks (I know you could
easily do much nastier things) like
finger @theirhost.theirnet@theirhost.theirnet@theirhost.theirnet....
which can be used to spawn off alot of in.fingerds.

Many Linux distributions, Solaris 2.5, and IRIX 5.3 come with these holes.
Probably alot of others do too.

------------------------------------------------------------------
 Jon Lewis                      |  Mime attachments are OK
 jlewis () inorganic5 fdt net      |  But please ask before sending
 http://inorganic5.fdt.net      |  unsolicited huge files.
________Finger jlewis () inorganic5 fdt net for PGP public key_______

Current thread:

Re: TCP SYN probe detection tool available, (continued)
- Re: TCP SYN probe detection tool available Brian Mitchell (May 15)
  - information on syslog bug wanted ALEXANDER SCHUETZ (May 17)
  - BoS: SECURITY BUG in FreeBSD Krzysztof Labanowski (May 17)
    - Re: BoS: SECURITY BUG in FreeBSD Dan Cross (May 17)
    - Re: BoS: SECURITY BUG in FreeBSD Steve Reid (May 17)
- Re: TCP SYN probe detection tool available redeye () compulink gr (May 15)
  - Re: TCP SYN probe detection tool available Casper Dik (May 16)
    - SunOS 4.1.4 fingerd Andy Dills (May 16)
    - Re: SunOS 4.1.4 fingerd Dave Dittrich (May 16)
    - Re: fingerd problems Elliot Lee (May 16)
    - Re: fingerd problems Jon Lewis (May 16)
    - Re: fingerd problems Brian Mitchell (May 16)
    - Re: fingerd problems Robert A. Pickering Jr. (May 17)
    - Re: SunOS 4.1.4 fingerd Kevin at Paranoia (May 16)
    - Re: SunOS 4.1.4 fingerd Christopher X. Candreva (May 16)
    - Re: SunOS 4.1.4 fingerd Niko Makila (May 16)
    - Re: SunOS 4.1.4 fingerd Steve Coleman - SEWP (May 17)
    - Re: SunOS 4.1.4 fingerd bitblt () bitblt resnet cornell edu (May 17)
    - Re: SunOS 4.1.4 fingerd Yiorgos Adamopoulos (May 17)
    - Re: SunOS 4.1.4 fingerd David B. Vanderpool (May 17)
    - Re: SunOS 4.1.4 fingerd Taner Halicioglu (May 17)

(Thread continues...)