Summary
This host is running Cfingerd service and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow attacker to obtain sensitive information that could aid in further attacks.
Impact Level: Application
Solution
Upgrade to Cfingerd version 1.2.3 or later
For updates refer to http://www.infodrom.org/projects/cfingerd/finger.php
Insight
The flaw exists due to an error in the finger service which allows to list all usernames on the host via 'search.**' command.
Affected
Cfingerd version 1.2.2
References
Severity
Classification
-
CVE CVE-1999-0259 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities