Bugtraq mailing list archives
Re: SunOS 4.1.4 fingerd
From: era () ucar edu (Ed Arnold)
Date: Thu, 16 May 1996 15:00:56 -0600
andy () fred net said:
Just messing around I picked up a couple "logic flaws" with sun 4.1.4 fingerd. This may happen on 4.1.X, but I haven't tested, and I am not motivated enough to check :> I know I have seen it written up someplace about the flaw when finger 0 () XXX com is done. (It shows a finger output on every user, which as we know, can be a very useful tool to those with bad intentions) Thus, we just added a user 0 (zero). Problem fixed. Anyway, I have found that fingering .@XXX.com also yeilds the same result.
just fyi, in case you hadn't tried it ... tcpd does a nice job of stopping this nonsense.
Current thread:
- Re: fingerd problems, (continued)
- Re: fingerd problems Robert A. Pickering Jr. (May 17)
- Re: SunOS 4.1.4 fingerd Kevin at Paranoia (May 16)
- Re: SunOS 4.1.4 fingerd Christopher X. Candreva (May 16)
- Re: SunOS 4.1.4 fingerd Niko Makila (May 16)
- Re: SunOS 4.1.4 fingerd Steve Coleman - SEWP (May 17)
- Re: SunOS 4.1.4 fingerd bitblt () bitblt resnet cornell edu (May 17)
- Re: SunOS 4.1.4 fingerd Yiorgos Adamopoulos (May 17)
- Re: SunOS 4.1.4 fingerd David B. Vanderpool (May 17)
- Re: SunOS 4.1.4 fingerd Taner Halicioglu (May 17)
- Re: SunOS 4.1.4 fingerd Craig Raskin (May 17)
- Re: SunOS 4.1.4 fingerd Ed Arnold (May 16)
- Re: SunOS 4.1.4 fingerd Patrick Ferguson (May 20)
- Re: SunOS 4.1.4 fingerd Eilon Gishri (May 21)
- Re: SunOS 4.1.4 fingerd Alan Brown (May 22)
- CERT Vendor-Initiated Bulletin VB-96.06 - FreeBSD CERT Bulletin (May 20)
- Re: SunOS 4.1.4 fingerd invalid opcode (May 16)
- Re: TCP SYN probe detection tool available Henri Karrenbeld (May 16)
- Re: TCP SYN probe detection tool available Brian Mitchell (May 16)
- Re: TCP SYN probe detection tool available Mike Neuman (May 16)
- Re: TCP SYN probe detection tool available Darren Reed (May 26)