Solaris in.fingerd information disclosure vulnerability

Description

A vulnerability in the in.fingerd daemon in Sun Solaris versions 8 and earlier could allow a remote attacker to obtain sensitive account information. By sending a specially crafted finger request to a vulnerable system, a remote attacker can cause the daemon to return a list of accounts. The attacker can use this information to launch further attacks against the affected host.

The following request is sufficient to disclose a list of users:
finger 'a b c d e f g h'@sunhost

Remediation

It is recommended to disable the in.fingerd service.
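
One way to audit for and disable the service, as an added example that is not part of the original advisory. It assumes in.fingerd is started by inetd from an inetd.conf-style file (/etc/inetd.conf on Solaris 8 and earlier); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: find and comment out active finger entries in an
# inetd.conf-style file. Assumes the usual seven-column inetd.conf layout.

# Constructed sample configuration, not taken from a real host.
sample_inetd_conf() {
cat <<'EOF'
# constructed sample inetd.conf
telnet  stream  tcp6  nowait  root    /usr/sbin/in.telnetd  in.telnetd
finger  stream  tcp6  nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
#ftp    stream  tcp6  nowait  root    /usr/sbin/in.ftpd     in.ftpd
EOF
}

# Print every active (uncommented) entry that starts the finger service.
# Exit status 0 if at least one is found, 1 otherwise.
finger_enabled() {
    awk '
        $1 ~ /^#/ || NF < 6 { next }              # comments, blank or short lines
        $1 == "finger" || $6 ~ /in\.fingerd$/ { print; found = 1 }
        END { exit !found }
    ' "$1"
}

# Write a copy of the file to stdout with active finger entries commented out.
# All other lines, including existing comments, pass through unchanged.
disable_finger() {
    awk '
        $1 !~ /^#/ && NF >= 6 && ($1 == "finger" || $6 ~ /in\.fingerd$/) {
            print "#" $0
            next
        }
        { print }
    ' "$1"
}

# Demo on the constructed sample. On a real host, review the new file,
# install it as /etc/inetd.conf and make inetd re-read it: pkill -HUP inetd
tmp=$(mktemp) && sample_inetd_conf > "$tmp"
if finger_enabled "$tmp" >/dev/null; then
    disable_finger "$tmp" > "$tmp.new"
    cat "$tmp.new"
fi
rm -f "$tmp" "$tmp.new"
```

Matching on both the service name and the server path also catches an entry that has been renamed in the first column but still launches in.fingerd.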

References