This script is Copyright (C) 1999-2015 Tenable Network Security, Inc.
The finger service running on the remote host has an information
It is possible to force the remote finger daemon to display a list of
accounts that have never been used by issuing the request :
A remote attacker could use this information to guess which operating
system is running or mount further attacks against these accounts.
See also :
Disable or filter access to the finger daemon.
Risk factor :
Medium / CVSS Base Score : 5.0