ISS X-Force Database: finger-out(48): Stock fingerd running

Stock fingerd running

finger-out (48)

Low Risk

Description:

The finger service or daemon was detected as running. Finger can give an attacker information, such as login accounts and trusted hosts.

Platforms Affected:

Apple, Mac OS
Cisco, IOS
Compaq, Tru64
Data General, DG/UX
HP, HP-UX
IBM, AIX
IBM, OS2
Linux, Kernel
Microsoft, Windows 2000
Microsoft, Windows 2003 Server
Microsoft, Windows 95
Microsoft, Windows 98
Microsoft, Windows 98SE
Microsoft, Windows Me
Microsoft, Windows NT 4.0
Microsoft, Windows XP
Novell, NetWare
SCO, SCO Unix
SGI, IRIX
Sun, Solaris
Various vendors, Finger Service
WindRiver, BSDOS

Remedy:

Disable finger, or install a finger daemon that limits the type of information provided.

Unix: Disable the finger daemon, or configure the type of information available from finger. Unix systems can use GNU finger available from the GNU finger 1.37 download site. See References.

To disable the finger daemon started from inetd:

Edit the /etc/inetd.conf (or equivalent) file.
Locate the line that controls the daemon.
Type a # at the beginning of the line to comment out the daemon.
Restart inetd.

— OR —

For more information on GNU finger, go to the GNU finger 1.37 download site. See References.

Windows: The finger service is not native to Windows, but may be present.

Note: The finger service may be included as part of another application, such as Netscape Mail Server.

CAUTION: Repeated use of finger can cause a system to become overloaded, which can cause it to stop responding. An attacker can use this susceptibility to disrupt the network.

To stop or disable the service in Windows NT:

Open the Services control panel. From the Windows NT Start menu, select Settings, Control Panel, Services.

Select the service.

Click Stop.

When the service has stopped, click Startup.

Choose one of these options:

To permanently disable the service, click Disabled.
To turn the service off unless manually activated by the user or a program, click Manual.

Click OK, then click Close.

Consequences:

Obtain Information

References:

FTP directory /pub/gnu/finger/ at prep.ai.mit.edu, GNU finger 1.37 download at ftp://prep.ai.mit.edu/pub/gnu/finger/finger-1.37.tar.gz.
CVE-1999-0612: A version of finger is running that exposes valid user information to any entity on the network.

Reported:

Not available

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page