VID: 15005
Severity: 30
Port: 79
Protocol: TCP
Class: FINGER
Detailed Description: There is a bug in the finger service that makes it display the list of accounts that have never been used when anyone issues the request:

finger 0@victim.com

This list helps an attacker guess the operating system type. It also reveals which accounts have never been used, and an attacker will often focus on those accounts.

* References:
http://www.iss.net/security_center/static/46.php
Recommendation: Disable the finger service if it is not needed, or upgrade to a finger daemon that is not affected by this bug.

To disable the finger daemon started from inetd:
1. Edit the /etc/inetd.conf (or equivalent) file.
2. Locate the line that controls the daemon.
3. Type a # at the beginning of the line to comment out the daemon.
4. Restart inetd.

* Solaris 10, Solaris 11:
# svcadm disable svc:/network/finger:default

* Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
Open /etc/xinetd.d/finger, set disable=yes, and then restart xinetd.
Related URL: CVE-1999-0612 (CVE)