From owner-freebsd-security  Fri Sep 11 07:14:54 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA05427
          for freebsd-security-outgoing; Fri, 11 Sep 1998 07:14:54 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA05422
          for <security@FreeBSD.ORG>; Fri, 11 Sep 1998 07:14:53 -0700 (PDT)
          (envelope-from mike@seidata.com)
Received: from localhost (mike@localhost)
	by ns1.seidata.com (8.8.8/8.8.5) with SMTP id KAA01648;
	Fri, 11 Sep 1998 10:17:31 -0400 (EDT)
Date: Fri, 11 Sep 1998 10:17:31 -0400 (EDT)
From: Mike <mike@seidata.com>
To: Lutz Rabing <LutzRab@omc.net>
cc: security@FreeBSD.ORG
Subject: Re: fingerd exploit 
In-Reply-To: <199809111029.MAA04513@office.omc.net>
Message-ID: <Pine.BSF.4.01.9809111015030.29005-100000@ns1.seidata.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 11 Sep 1998, Lutz Rabing wrote:

> Has anybody heared of a fingerd exploit ?

Yes and no...  I haven't heard of a 'exploit', but I have heard
conversations about finger oddities...  namely I've overheard people
discussing 'odd behavior on the part of finger'.  I, unfortuneately,
don't have much more information.  The oddity did relate to multiple
instances of fingerd (as you report), I believe...

Do you run the vanilla finger or a variant such as secure finger?

	-mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message