The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote malicious users to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun sunos 5.9 |
||
sun sunos 5.7 |
||
sun sunos 5.8 |