Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Forwared to me

From: tsoome () UT EE (Toomas Soome)
Date: Mon, 13 Jul 1998 23:42:45 +0300

On Mon, 13 Jul 1998, Michael H. Warfield wrote:


        I would also like to remark about one thing.  Solar Designer
quoted one possible action from the advisory.  That one point was a
suggestion made by my Sun contacts.  It was NOT our recommendation as
the action to be taken.  My PERSONAL recommendation is to disable finger
if at all possible.  It provides way too much information about accounts and


actually, finger is only top of ice mountain, what it will do:
setpwent()
  while( getpwent() ) {}
endpwent()

nothing more. but, if this is such simple, nothing will prevent users
INSIDE to write this; easy and simple way to block sysadmins while
cleaning trails or whatever. Actually, there are not only password tables
around - there are tables for services, mail aliases etc. After all,
calling NIS functions directly is not such big mystery...

just another way to generate load for server- if there are netgroups used
for some kind of access control - tcpd wrapper, NFS access etc...

so, even if You can survive one type of attack - netgroups are not too big
etc, combining different types may be just enough to bring down system...

toomas soome
Tartu University, Estonia
--
Gee, I feel kind of LIGHT in the head now, knowing I can't make my
satellite dish PAYMENTS!
Previous By Date Next
Previous By Thread Next

Current thread: