Finger Recursive Request Arbitrary Site Redirection

medium Nessus Plugin ID 10073

Synopsis

It is possible to use the remote host to perform third-party host scans.

Description

The remote finger service accepts redirect requests. That is, users can perform requests like:

finger user@host@victim

This allows an attacker to use this computer as a relay to gather information on a third-party network. In addition, this type of syntax can be used to create a denial of service condition on the remote host.

Solution

Disable the remote finger daemon (comment out the 'finger' line in /etc/inetd.conf and restart the inetd process) or upgrade it to a more secure one.
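
The check and fix described in the Solution, as an added example that is not part of the Nessus plugin or its page. It assumes the classic inetd.conf layout in which the service name is the first field; the function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit an inetd.conf for an enabled finger service and
# produce a copy with it commented out. Names and sample data are assumptions.

# List active entries whose service-name field (first field) is "finger".
# Lines beginning with "#" are already disabled and do not match.
finger_active_lines() {
    awk '$1 == "finger" { print NR ": " $0 }' "$1"
}

# Return 0 if the finger service is enabled in the given file.
finger_enabled() {
    [ -n "$(finger_active_lines "$1")" ]
}

# Write a copy of $1 to $2 with every active finger entry commented out.
disable_finger() {
    awk '$1 == "finger" { print "#" $0; next } { print }' "$1" > "$2"
}

# Constructed inetd.conf fragment used by the demonstration.
write_sample_conf() {
    cat > "$1" <<'EOF'
# <service> <socket> <proto> <wait> <user> <server> <args>
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd
finger  stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
#finger stream  tcp6    nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
}

demo() {
    tmp=$(mktemp -d) || return 1
    write_sample_conf "$tmp/inetd.conf"
    echo "Active finger entries before the change:"
    finger_active_lines "$tmp/inetd.conf"
    disable_finger "$tmp/inetd.conf" "$tmp/inetd.conf.new"
    if finger_enabled "$tmp/inetd.conf.new"; then
        echo "finger is still enabled"
    else
        echo "finger disabled in the new copy; install it and restart inetd"
    fi
    rm -rf "$tmp"
}
demo
```

The script never edits /etc/inetd.conf in place: review the generated copy, install it, and restart the inetd process as the Solution states.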

Plugin Details

Severity: Medium

ID: 10073

File Name: finger_redirection.nasl

Version: 1.34

Type: remote

Family: Misc.

Published: 6/22/1999

Updated: 8/10/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 10/28/1992

Reference Information

CVE: CVE-1999-0105, CVE-1999-0106