Bugtraq mailing list archives
Re: SunOS 4.1.4 fingerd
From: taner () sdsc edu (Taner Halicioglu)
Date: Fri, 17 May 1996 09:56:21 -0700
On Thu, 16 May 1996, Dave Dittrich wrote:
The trick, as I learned it, was to use @@XXX.com on Ultrix systems. After a quick test, I notice that single letters and "." don't work on Ultrix, but any digit or "@" does. Go figure. Probably some Berkeley student had a hangover the day they coded finger?
Well, the normal finger program will finger @localhost if you specify simply:

    finger @

so when you do, for example:

    finger @@foo.bar.com

foo.bar.com will receive the finger with the data "@" and then proceed to finger itself (localhost).

A simple denial of service attack is to do:

    finger @@@@@@@@@@@@@@@@@@[...]@@@foo.bar.com

You can imagine what this will cause... :-)

A trivial fix is to look for an '@' sign in the sent string (in in.fingerd) and deny the finger.

-Taner

-------------------------=[ D. Taner Halicioglu ]=----------------------------
taner () sdsc edu        The San Diego Supercomputer Center, Workstation Services
taner () ucsd edu        U. of California, San Diego - Revelle - Computer Sci.
IRC Admin for irc.sdsc.edu/irc.ucsd.edu/irc.cerf.net
taner () mecca epri com  EPRI - 3412 Hillview Ave, Palo Alto, CA
-------------=[ Linux 1.3.* OS - http://www.sdsc.edu/~taner/ ]=---------------
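
The fix suggested in the message above, sketched as an added example (not part of the original post and not code from any vendor's in.fingerd): the daemon checks the request line before doing any lookup and denies it if it contains an '@'. The function name, verdict names and the 128-byte limit are assumptions made for this example; the length and printable-character checks go slightly beyond what the post proposes.

```c
#include <stdio.h>
#include <string.h>

/* Verdict names and the length limit are hypothetical, chosen for this example. */
enum finger_verdict { FINGER_OK, FINGER_DENY_FORWARD, FINGER_DENY_LENGTH, FINGER_DENY_CHARS };
#define FINGER_MAX_QUERY 128

/* Check one raw request before any lookup or forwarding is attempted.
 * On FINGER_OK, out holds the query with the line terminator removed. */
enum finger_verdict finger_check_request(const char *raw, size_t rawlen,
                                         char *out, size_t outlen)
{
    size_t n = 0;

    /* A finger request is a single line: stop at the first CR, LF or NUL. */
    while (n < rawlen && raw[n] != '\r' && raw[n] != '\n' && raw[n] != '\0')
        n++;

    /* Any '@' asks this daemon to relay the query to another host: deny. */
    if (memchr(raw, '@', n) != NULL)
        return FINGER_DENY_FORWARD;

    /* Bound the query so an oversized line is never copied or looked up. */
    if (n > FINGER_MAX_QUERY || n + 1 > outlen)
        return FINGER_DENY_LENGTH;

    /* Allow printable ASCII only. */
    for (size_t i = 0; i < n; i++)
        if ((unsigned char)raw[i] < 0x20 || (unsigned char)raw[i] > 0x7e)
            return FINGER_DENY_CHARS;

    memcpy(out, raw, n);
    out[n] = '\0';
    return FINGER_OK;
}

int main(void)
{
    /* Constructed sample requests, as they would arrive on the socket. */
    const char *samples[] = { "taner\r\n", "@\r\n", "@@@@\r\n", "/W taner\r\n" };
    char query[FINGER_MAX_QUERY + 1];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum finger_verdict v = finger_check_request(samples[i], strlen(samples[i]),
                                                     query, sizeof query);
        printf("request %zu: %s\n", i, v == FINGER_OK ? "accepted" : "denied");
    }
    return 0;
}
```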