Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Finger abuses --> Category: infos

Cfinger's search.**@host feature Vulnerability Scan

Vulnerability Scan Summary
finger .@host feature

Detailed Explanation for this Vulnerability Test

The remote host is running 'cfingerd', a finger daemon.

There is a bug in the remote cfinger daemon which allows
anyone to get the lists of the users of this system, when
issuing the command :

finger search.**@victim

This information can in turn be used by a possible hacker to set up
a brute force login attack against this host.

Solution : use another finger daemon or disable this service in /etc/inetd.conf
Threat Level: Low / Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.