VID 15007
Severity 20
Port 79
Protocol TCP
Class FINGER
Detailed Description The remote finger daemon accepts forwarded (redirected) requests. That is, users can perform requests like:

finger root@target@victim

This allows crackers to use your computer as a relay to gather information about another network, making that network believe the requests originate from you.

* References:
http://www.iss.net/security_center/static/47.php
http://www.networkice.com/advice/exploits/services/finger/finger_bomb/default.htm
Recommendation Disable the finger service if it's not necessary.

To disable the finger daemon started from inetd:
1. Edit the /etc/inetd.conf (or equivalent) file.
2. Locate the line that controls the daemon.
3. Type a # at the beginning of the line to comment out the daemon.
4. Restart inetd.

*Solaris 10, Solaris 11:
# svcadm disable svc:/network/finger:default

*Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
Open /etc/xinetd.d/finger, set disable=yes, and then restart xinetd.
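As an added example (not part of this advisory), a POSIX shell script that carries out the inetd and xinetd parts of the procedure above and checks the result: it reports whether an inetd.conf-style file still has an active finger line, comments that line out, and sets disable=yes in an xinetd service file (rewriting an existing disable line or inserting one if absent). The file paths are passed in by the caller; the sample configuration files it builds are constructed for the demonstration and live in a temporary directory, not in /etc.

```shell
#!/bin/sh
# Added example, not part of the original advisory: audit and disable the
# finger service in inetd.conf- and xinetd-style configuration files.
# File paths are passed in by the caller; the demo below builds constructed
# sample files in a temporary directory rather than touching the real system.

# Succeeds (exit 0) when the inetd-style file has an active (uncommented)
# finger line, i.e. the service is still enabled.
inetd_finger_enabled() {
    grep -Eq '^[[:space:]]*finger[[:space:]]' "$1"
}

# Step 3 of the procedure: put a '#' in front of every active finger line.
# sed -i differs between GNU and BSD, so write via a temporary file instead.
inetd_disable_finger() {
    tmp="$1.tmp.$$"
    sed -E 's/^([[:space:]]*finger[[:space:]])/#\1/' "$1" > "$tmp" && mv "$tmp" "$1"
}

# Succeeds when the xinetd service file lacks "disable = yes"; xinetd treats
# a missing disable attribute as enabled, so only an explicit yes counts.
xinetd_finger_enabled() {
    ! grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$1"
}

# Set "disable = yes": rewrite an existing disable line, or insert one just
# before the closing brace of the service block when none is present.
xinetd_disable_finger() {
    tmp="$1.tmp.$$"
    if grep -Eq '^[[:space:]]*disable[[:space:]]*=' "$1"; then
        sed -E 's/^([[:space:]]*disable[[:space:]]*=[[:space:]]*).*/\1yes/' "$1" > "$tmp"
    else
        awk '/^[[:space:]]*}/ { print "\tdisable\t\t= yes" } { print }' "$1" > "$tmp"
    fi
    mv "$tmp" "$1"
}

# Print the state of both files as "enabled"/"disabled" lines on stdout.
report() {
    if inetd_finger_enabled "$1"; then echo "inetd:  finger enabled"; else echo "inetd:  finger disabled"; fi
    if xinetd_finger_enabled "$2"; then echo "xinetd: finger enabled"; else echo "xinetd: finger disabled"; fi
}

demo() {
    dir=$(mktemp -d)
    inetd="$dir/inetd.conf"
    xinetd="$dir/finger"
    # Constructed sample files for the demonstration (not real system files).
    cat > "$inetd" <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd
finger  stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
    cat > "$xinetd" <<'EOF'
service finger
{
        socket_type     = stream
        wait            = no
        user            = nobody
        server          = /usr/sbin/in.fingerd
}
EOF
    echo "before:"; report "$inetd" "$xinetd"
    inetd_disable_finger "$inetd"
    xinetd_disable_finger "$xinetd"
    echo "after:";  report "$inetd" "$xinetd"
    # On a real host, step 4 (restarting inetd or xinetd) still has to follow.
    rm -rf "$dir"
}

demo
```

Run it as `sh disable_finger.sh`; it prints the enabled/disabled state before and after editing its own sample files. To apply the functions to a real system, call `inetd_disable_finger /etc/inetd.conf` or `xinetd_disable_finger /etc/xinetd.d/finger` as root and then restart the corresponding superserver, exactly as the steps above describe.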
Related URL CVE-1999-0106 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)