Detections
Analytics

cfingerd Wildcard Argument Information Disclosure

medium Nessus Plugin ID 10038

Synopsis

The remote finger server has an information disclosure vulnerability.

Description

The remote host is running 'cfingerd', a finger daemon.

There is a bug in the remote cfinger daemon that allows a remote attacker to get the lists of the users of this system when issuing the command :

 finger search.**@victim

This information can be used by a remote attacker to mount further attacks.

Solution

There is no known solution at this time. Use another finger daemon, or disable this service in inetd.conf.

See Also

https://seclists.org/bugtraq/1997/May/160

https://seclists.org/bugtraq/1997/May/171

Plugin Details

Severity: Medium

ID: 10038

File Name: cfinger_search.nasl

Version: 1.31

Type: remote

Family: Misc.

Published: 6/22/1999

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:infodrom:cfingerd

Vulnerability Publication Date: 5/23/1997

Reference Information

CVE: CVE-1999-0259