Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: finger-bombingScott Chasin (chasincrimelab.crimelab.com)
Thu, 13 Oct 94 21:22:48 CDT
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Adam Shostack: "Speaking of finger?"
- Previous message: Michael Covington: "Re: BBS"
- In reply to: James Seng: "Re: finger-bombing"
- Next in thread: Tom Fitzgerald: "Re: finger-bombing"
> On Thu, 13 Oct 1994, Tony Jago wrote: > > example: finger brolga.cc.uq.oz.auarchie.au > > I am not sure if this a "bug" or not but alot of system allow this sort > > of thing. HP-UX doesn't. SunOS does. > > I don't think this is a bug. Neither it is a feature..it is a common hack > many people knows but doesnt seem to have a serious security loophole. There is a serious bug in the Ultrix OS which allows a remote finger request to dump all known user finger profiles back out to the requestor (this has been known for quite some time). Example: finger some.ultrix.host.com This would dump all system known users. The first '' is translated to a NULL and fools fingerd into dumping everything. -- The same hack in a different fashion on SunOS 4.1.x will give random users profiles (at least from what I have seen.. At one time I thought not). Example: finger 23234123123123123some.sunos.host.com The rather large number has strange effect on fingerd -- I haven't looked close enought to see what. --Scott chasincrimelab.com