akfingerd 0.5 Multiple Vulnerabilities

medium Nessus Plugin ID 11193

Synopsis

The remote service is vulnerable to several flaws.

Description

The remote finger service appears to vulnerable to a remote attack which can disrupt the service of the finger daemon. This denial of service does not affect other services that may be running on the remote computer, only the finger service can be disrupted.

akfingerd version 0.5 or earlier is running on the remote host. This daemon has a history of security problems, make sure that you are running the latest version of akfingerd.

Versions 0.5 and earlier of akfingerd are vulnerable to a remote denial of service attack. They are also vulnerable to several local attacks.

Solution

akfingerd is no longer maintained. Disable the service and find an alternative finger daemon.

Plugin Details

Severity: Medium

ID: 11193

File Name: finger_akfingerd.nasl

Version: 1.19

Type: remote

Family: Misc.

Published: 12/12/2002

Updated: 8/22/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2002-2243, CVE-2002-2244, CVE-2002-2274

BID: 6323, 6324, 6325

CWE: 362

Detections

Analytics