Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

in.fingerd Remote Command Execution

High

Synopsis

The remote server allows anyone to execute arbitrary commands

Description

The remote finger server allows anyone to execute arbitrary commands on this host by prepending a pipe in front of the name of the command to be executed. An attacker may use this flaw to gain a root shell on this host.

Solution

Disable the finger service.