Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Finger abuses --> Category: infos

FreeBSD 4.1.1 Finger Vulnerability Scan


Vulnerability Scan Summary
Finger /path/to/file

Detailed Explanation for this Vulnerability Test

There is a bug in the remote finger service that allows anyone to read
arbitrary files on this host by doing a 'finger' command on the name of
targeted file.

For instance :

finger /etc/passwd@target


Will display the content of /etc/passwd

Solution : disable the finger service in /etc/inetd.conf and restart the inetd
process, or upgrade your finger daemon

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.