This host is running Cfingerd service and is prone to information disclosure vulnerability.

Successful exploitation will allow attacker to obtain sensitive information that could aid in further attacks. Impact Level: Application

Upgrade to Cfingerd version 1.2.3 or later For updates refer to http://www.infodrom.org/projects/cfingerd/finger.php

The flaw exists due to an error in the finger service which allows to list all usernames on the host via 'search.**' command.

Cfingerd version 1.2.2

• http://archives.neohapsis.com/archives/bugtraq/1997_2/0328.html
• http://osvdb.org/show/osvdb/32
• http://xforce.iss.net/xforce/xfdb/1811

---

Updated on 2015-03-25