This article was posted to the Usenet group alt.hackers in
1995; any technical information is probably outdated.
Parent Parent
Re: What is the problem with Finger?
Article: 7561 of alt.hackers From: jseng@technet.sg (James Seng) Newsgroups: alt.hackers Subject: Re: What is the problem with Finger? Date: 28 Mar 1995 07:25:00 GMT Organization: Technet, Singapore Lines: 25 Approved: GOd..yea it is GOD Message-ID: 3l8dkd$ipb@raffles.technet.sg NNTP-Posting-Host: jseng@einstein.technet.sg X-Newsreader: TIN [version 1.2 PL2] Status: RO
Nicol C So (so@eiffel.cse.psu.edu) wrote:
: >So, I'll bite. Does anyone know what the security hole is in finger? I
: >can understand not wanting to have anyone be able to finger in, but why
: >wouldn't the admins what me to finger out?
Not really a hole but some site has policy that dont allow other people
to obtain information about their system.
The RTM worm uses an old buffer overflow bug in fingerd to attack
system. Standard fingerd also dont disabled source finger'ing which add
to the problem. Some variation of fingerd also has a bug which allows
people to obtain *ALL* user account in the system...some badly designed
fingerd also dont know how to timeout and kill itself causing overloading
in the system...(and so the list goes on 8)
ObHack: Wrote a 4 line httpd proxy in one min for some testing.
#!/usr/bin/perl
($command,$url,$http) = split(/\s/,<STDIN>);
open(HTML, "lynx $url|"); while (<HTML>) { print; }
close (HTML);
Don't you love perl 8)
-James Seng
Parent Parent