Bugtraq mailing list archives
Re: fingerd
From: bsides () TOWERY COM (Brock Sides)
Date: Thu, 27 Apr 2000 14:13:55 -0500
I have attempted to confirm this, and failed, for Irix 6.3, 6.4, and 6.5.7m. In all cases, if the .plan file is symlinked to /etc/shadow, a remote finger, or a local finger by any user other than root, returns "No Plan." Based on a little experimentation, it appears that Irix fingerd drops privileges to those of "guest" before reading .plan files. -- Brock Sides Unix Systems Administration Towery Publishing bsides () towery com On Thu, 27 Apr 2000, Psarras Nikos wrote:
I am new on the list so i dont know if you knew that. On Irix 6.4 with all patches installed the fingerd seems to like to display the shadow file to all users.ln -s /etc/shadow /path/user/.plan finger user () irix64 show.shadowThis feature was found by a student -Zanikolas Serafim- while he was reading a 9 years old system administrator's book. Psarras Nicholas
Current thread:
- Re: Solaris 7 x86 lpset exploit., (continued)
- Re: Solaris 7 x86 lpset exploit. Jor (Apr 27)
- Re: Solaris 7 x86 lpset exploit. Casper Dik (Apr 28)
- SECURITY: [RHSA-2000:014-10] Updated piranha packages available Cristian Gafton (Apr 24)
- FreeBSD Security Advisory: FreeBSD-SA-00:14.imap-uw FreeBSD Security Officer (Apr 24)
- FreeBSD Security Advisory: FreeBSD-SA-00:15.imap-uw FreeBSD Security Officer (Apr 24)
- piranha default password/exploit Max Vision (Apr 24)
- Re: piranha default password/exploit Cristian Gafton (Apr 25)
- Re: piranha default password/exploit CDI (Apr 25)
- Re: piranha default password/exploit Matt Wilson (Apr 26)
- fingerd Psarras Nikos (Apr 27)
- Re: fingerd Brock Sides (Apr 27)
- Re: fingerd Jeremy Rauch (Apr 27)
- Cartfix Secret Backdoor Patch tool for cart32 Weld Pond (Apr 27)
- Re: ISS Security Advisory: Backdoor Password in Red Hat Linux Virtual Server Package Cristian Gafton (Apr 25)