Neohapsis Archives - VulnWatch - [VulnWatch] Solaris fingerd disclose complete user list - From warning3<img src="/web/20051104210906im_/http://archives.neohapsis.com/imgs/at.gif" align="middle" border="0">nsfocus.com

LOCATION: Neohapsis / Archives / VulnWatch / Message Index / [VulnWatch] Solaris fingerd disclose complete user list
From: w3 (warning3nsfocus.com) Date: Mon Oct 22 2001 - 08:31:31 CDT Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] Hi, Solaris fingerd has a 'feature' to disclose the complete user list. I got the way how to reproduce it after read the Sun's Alert #27116. It is very easy: $ finger 'a b c d e f g h'sunhost Sun has released the patches: SunOS 5.8 111232-01 SunOS 5.8_x86 111233-01 SunOS 5.7 111238-01 SunOS 5.7_x86 111239-01 SunOS 5.6 111236-01 SunOS 5.6_x86 111237-01 SunOS 5.5.1 111279-01 SunOS 5.5.1_x86 111280-01 SunOS 5.5 111251-01 SunOS 5.5_x86 111252-01 Sun Alert URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=salert%2F27116 I wonder if other system is affected. Regards, warning3 <warning3nsfocus.com> http://www.nsfocus.com Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Portions of this site are copyright 1998-2001, Neohapsis, Inc. Questions, comments or feedback, send E-mail to webmasterneohapsis.com