| VID |
15002 |
| Severity |
20 |
| Port |
79 |
| Protocol |
TCP |
| Class |
FINGER |
| Detailed Description |
The finger service reports information about the users currently on a system. It can give an attacker the following:
* Valid login names
* Users' full names
* Names of other systems
* A user's login shell
* References: http://www.iss.net/security_center/static/48.php |
| Recommendation |
Disable the finger service if it's not necessary.
To disable the finger daemon started from inetd:
1. Edit the /etc/inetd.conf (or equivalent) file.
2. Locate the line that controls the daemon.
3. Type a # at the beginning of the line to comment out the daemon.
4. Restart inetd.
* Solaris 10, Solaris 11: # svcadm disable svc:/network/finger:default
* Enterprise Linux 6.4, CentOS 6.4, Fedora 19: Open /etc/xinetd.d/finger and set disable=yes and then restart xinetd |
| Related URL |
CVE-1999-0612 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
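The inetd and xinetd steps from the recommendation, as an added shell example that is not part of the original advisory. The function names and the demo's sample file contents are constructed here, and the file path is passed in so the edit can be tried on a copy first.

```sh
#!/bin/sh
# Added example: applies the advisory's finger-disable steps to the given file.
# Run it against a copy first; restart inetd/xinetd afterwards as the advisory says.

# inetd: comment out each active entry whose service name (first field) is "finger".
disable_finger_inetd() {
    cp -p "$1" "$1.bak" || return 1            # keep the original for rollback
    sed 's/^\([[:space:]]*finger[[:space:]]\)/#\1/' "$1.bak" > "$1"
}

# xinetd: force "disable = yes", adding the line if the service block has none.
disable_finger_xinetd() {
    cp -p "$1" "$1.bak" || return 1
    awk '
        /^[ \t]*disable[ \t]*=/ { sub(/=.*/, "= yes"); seen = 1 }
        /^[ \t]*[}]/ { if (!seen) print "\tdisable = yes"; seen = 0 }
        { print }
    ' "$1.bak" > "$1"
}

# Checks: succeed only when the file no longer enables finger.
inetd_finger_off()  { ! grep -q '^[[:space:]]*finger[[:space:]]' "$1"; }
xinetd_finger_off() { grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes[[:space:]]*$' "$1"; }

# Demo on constructed sample files in a temporary directory (nothing in /etc is touched).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd' \
                  'finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd' > "$d/inetd.conf"
    printf '%s\n' 'service finger' '{' '    socket_type = stream' '    disable = no' '}' > "$d/finger"
    disable_finger_inetd "$d/inetd.conf" && disable_finger_xinetd "$d/finger" &&
        inetd_finger_off "$d/inetd.conf" && xinetd_finger_off "$d/finger"
    rc=$?
    rm -rf "$d"
    return $rc
}
```

Already-commented entries and other services are left unchanged, and each function writes a `.bak` copy next to the file it edits.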