Test Kennung:	1.3.6.1.4.1.25623.1.0.10788
Kategorie:	Finger abuses
Titel:	Solaris finger disclosure
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: There is a bug in the remote finger service which, when triggered, allows a user to force the remote finger daemon to display the list of the accounts that have never been used, by issuing the request : finger 'a b c d e f g h'@target This list will help an attacker to guess the operating system type. It will also tell him which accounts have never been used, which will often make him focus his attacks on these accounts. Solution : disable the finger service in /etc/inetd.conf and restart the inetd process, or apply the relevant patches from Sun Microsystems. Risk factor : Medium
Querverweis:	BugTraq ID: 3457 Common Vulnerability Exposure (CVE) ID: CVE-2001-1503 http://www.securityfocus.com/bid/3457 http://sunsolve.sun.com/search/document.do?assetkey=1-26-27116-1 http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0016.html XForce ISS Database: solaris-fingerd-list-accounts(7334) https://exchange.xforce.ibmcloud.com/vulnerabilities/7334
Copyright	This script is Copyright (C) 2001 Renaud Deraison

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.