Vulnerability Development mailing list archives
RE: New Remote Hole found in Berkeley Fingerd!
From: Graeme Fowler <graeme.fowler () hosteurope com>
Date: Wed, 21 Nov 2001 11:40:15 -0000
GOBBLES wrote:
We have discovered a remote vulnerability in Berkeley finger, which is somewhat trivial to exploit. The vendor has been notified
Urh, right. This is an old hole in a really old script, not a new hole in the actual finger daemon itself. Simple input validation hole, really. If anyone's still using that old code without any modification then, well, enough said I guess. In fact, in this day and age if someone still has a publically available finger script, then... Graeme
Current thread:
- New Remote Hole found in Berkeley Fingerd! vuln-dev (Nov 20)
- Re: New Remote Hole found in Berkeley Fingerd! 3APA3A (Nov 21)
- Re: New Remote Hole found in Berkeley Fingerd! Olaf Kirch (Nov 21)
- <Possible follow-ups>
- RE: New Remote Hole found in Berkeley Fingerd! Graeme Fowler (Nov 21)