| Ãë¾àÁ¡ID |
15001 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
79 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
FINGER |
| »ó¼¼¼³¸í |
Remote »óÀÇ ¼¹ö¿¡¼ ´ÙÀ½°ú °°ÀÌ Command¸¦ ³»¸®¸é ÇØ´ç ½Ã½ºÅÛ(victim)ÀÇ ¸ðµç User List°¡ º¸¿©Áø´Ù.
finger search.**@victim
* Âü°í »çÀÌÆ®:
http://archives.neohapsis.com/archives/bugtraq/1997_2/0328.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Solaris 10, Solaris 11
Enterprise Linux 6.4, CentOS 6.4, Fedora 19 |
| ÇØ°áÃ¥ |
¼¹öÀÇ Account Á¤º¸´Â Cracker¿¡°Ô ¸Å¿ì À¯¿ëÇÑ Á¤º¸·Î »ç¿ëµÇ¾î Áú ¼ö ÀÖ¾î À§ÇèÇÏ´Ù. ¾ò¾îÁø Account Á¤º¸´Â Login try, Spooing ¶Ç´Â ÀÌ¿Í °áºÎÇÑ ¸¹Àº °ø°Ý¹æ¹ýÀÌ ÀÖÀ¸¹Ç·Î ¼¹ö½º¸¦ »ç¿ëÁßÁö Çϰųª PatchÇÏ¿©¾ß ÇÑ´Ù.
¡Ø /etc/inetd.conf ÆÄÀÏ¿¡¼ finger ¶óÀÎÀ» Comment Out
*Solaris 10, Solaris 11ÀÇ °æ¿ì:
# svcadm disable svc:/network/finger:default
*Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
/etc/xinetd.d/fingerÀ» ¿¾î disable=yes·Î ¼³Á¤ÇÑ ÈÄ xinetd¸¦ Àç½ÃÀÛÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-0259 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
1811 (ISS) |
|
