Solaris FingerD Daemon Information Disclosure Vulnerability

Bugtraq ID:	25103
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Jul 27 2007 12:00AM
Updated:	Jul 30 2007 07:25PM
Credit:	Jim Mellander is credited with the discovery of this vulnerability
Vulnerable:	Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Sun Solaris 7.0_x86 Sun Solaris 7.0
Not Vulnerable:

Solaris FingerD Daemon Information Disclosure Vulnerability

Sun Solaris is prone to an information-disclosure vulnerability due to a design error in the 'fingerd' daemon.

An attacker can exploit this issue gain access to user account information that may lead to further attacks.

Solaris FingerD Daemon Information Disclosure Vulnerability

A specific exploit is not required to exploit this issue. The attacker only has to submit a 'finger 9@host' command to leverage this issue.

Solaris FingerD Daemon Information Disclosure Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Solaris FingerD Daemon Information Disclosure Vulnerability

References:

• Sun Microsystems Home Page (Sun Microsystems)
  
• Solaris finger bug ([email protected])