Bugtraq mailing list archives

Re: Solaris 2.5.1/2.6 fingerd bug

From: mpotter () KMFDM SYSTEM GIP NET (Matthew R. Potter)
Date: Thu, 6 Aug 1998 14:59:36 -0400

It's not new nor reintroduced.  It's been in fingerd forever.


There were patches for 2.X=3,4,5 that stoped the bouncing of finger. Most
unixes have gotten rid of the "bounce" feature, So what if it's been in
fingerd forever, it's not a good thing, then again fingerd gives away too
much info. But you can use this to get info about parts of the network you
shouldnt normally see.


Matt

Current thread:

Solaris 2.5.1/2.6 fingerd bug Fiji (Aug 05)
- Re: Solaris 2.5.1/2.6 fingerd bug James Garnett (Aug 05)
  - Solaris 2.4 pop buffer overrun Julio Casal (Aug 05)
    - Re: Solaris 2.4 pop buffer overrun Matthew R. Potter (Aug 07)
  - Re: Solaris 2.5.1/2.6 fingerd bug Joseph Moran (Aug 06)
    - Re: Solaris 2.5.1/2.6 fingerd bug Casper Dik (Aug 07)
  - Re: Solaris 2.5.1/2.6 fingerd bug Casper Dik (Aug 06)
    - Re: Solaris 2.5.1/2.6 fingerd bug Matthew R. Potter (Aug 06)
    - ADMsmb security scanner for samba The ADM Crew (Aug 06)
    - Eudora executes (Java) URL Stout, Bill (Aug 07)
    - Re: Eudora executes (Java) URL John D. Hardin (Aug 07)
    - Re: Eudora executes (Java) URL John D. Hardin (Aug 08)
  - IRIX IP Spoofing/TCP Sequence Attack Update SGI Security Coordinator (Aug 06)
  - IRIX BIND DNS Vulnerabilities Update SGI Security Coordinator (Aug 06)
  - BSD/Qualcomm qpopper Vulnerability SGI Security Coordinator (Aug 06)
  - University of Washington imapd daemon Vulnerability SGI Security Coordinator (Aug 06)
  - New Eudora bug ? Patrick Oonk (Aug 07)
    - YA Apache DoS attack Dag-Erling Coidan Smørgrav (Aug 07)

(Thread continues...)