FreeBSD 4.1.1 Finger Arbitrary File Access
High Nessus Network Monitor Plugin ID 1281
SynopsisThe remote host may give an attacker information useful for future attacks
DescriptionThe remote finger server allows anyone to read arbitrary files on this host, by requesting the file name on port 79. An attacker may use this flaw to retrieve your password file or any file readable by the fingerd process.
SolutionDisable the finger service.