Finger service

finger-running (46)

Low Risk

Description:

The finger service or daemon was detected as running. Finger can give an attacker information, such as logon accounts and trusted hosts. This information could be useful to an attacker in performing an attack.

Consequences:

Obtain Information

Remedy:

Disable finger, or install a finger service or daemon that limits the type of information provided.

Windows: The finger service is not native to Windows, but may be present. To stop or disable the service in Windows NT:

1. Open the Services control panel. From the Windows NT Start menu, select Settings, Control Panel, Services.
2. Select the service.
3. Click Stop.
4. When the service has stopped, click Startup.
5. Choose one of these options:
• To permanently disable the service, click Disabled.
• To turn the service off unless manually activated by the user or a program, click Manual.
6. Click OK, then click Close.

Unix: Disable the finger daemon or configure the type of information available from finger. Unix systems can use GNU finger available from the GNU finger 1.37 download site. See References.

To disable the finger daemon when started from inetd:

1. Edit the /etc/inetd.conf (or equivalent) file.
2. Locate the line that controls the daemon.
3. Type a # at the beginning of the line to comment out the daemon.
4. Restart inetd.

— OR —

For more information on GNU finger, download the compressed file from the GNU finger 1.37 download site. See References. You will need decompression and untarring utilities to use this file.

References:

• FTP directory /pub/gnu/finger/ at prep.ai.mit.edu: GNU finger 1.37 download.
• CVE-1999-0612: A version of finger is running that exposes valid user information to any entity on the network.

Platforms Affected:

• Apple Mac OS
• Cisco IOS
• Compaq Tru64
• Data General DG/UX
• GNU Finger Service
• IBM AIX
• IBM OS2
• Linux Kernel
• Microsoft Windows 2000
• Microsoft Windows 2003 Server
• Microsoft Windows 95
• Microsoft Windows 98
• Microsoft Windows 98SE
• Microsoft Windows Me
• Microsoft Windows NT 4.0
• Microsoft Windows XP
• Novell NetWare
• SCO SCO Unix
• SGI IRIX
• Sun Solaris
• WindRiver BSDOS
• HP-UX

Reported:

Not available

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page