The remote finger server allows anyone to execute arbitrary commands on this host by prepending a pipe in front of the name of the command to be executed. An attacker may use this flaw to gain a root shell on this host.

The remote finger server allows anyone to read arbitrary files on this host, by requesting the file name on port 79. An attacker may use this flaw to retrieve your password file or any file readable by the fingerd process.

The remote finger server discloses the full list of its users when it receives the query "a b c d e f g h". An attacker may use this flaw to try to log in with the name of each account being displayed, hoping to find a null or trivial password. 

The remote cfinger server is vulnerable to a format string attack that may allow an attacker execute arbitrary command on this host. In addition, cfingerd has been found to be vulnerable to privilege escalation and overflow attacks.

The remote host seems to be running a finger daemon. This service provides valuable information to attackers, and should be disabled.

The remote host seems to be running a finger daemon. This service provides valuable information to remote attackers, and should be disabled.

ID	Name	Severity
1282	in.fingerd Remote Command Execution	high
1281	FreeBSD 4.1.1 Finger Arbitrary File Access	high
1280	Solaris in.fingerd Crafted Request Information Disclosure	medium
1279	cfingerd < 1.4.4 Multiple Vulnerabilities	critical
1278	cfingerd Service Detection	info
1277	Finger Service Detection	critical
1276	Finger Service Detection	critical

Detections

Analytics

Finger Family for Nessus Network Monitor

high

high

medium

critical

info

critical

critical