From: Michal Listos
Date: Fri, 11 Sep 1998 20:25:33 +0200 (CEST)
To: Hector Gonzalez Jaime
cc: security@FreeBSD.ORG
Subject: Re: fingerd exploit

On Fri, 11 Sep 1998, Hector Gonzalez Jaime wrote:

> Maybe it has something to do with a message in bugtraq (like a month ago)
> about finger forwarding? It affected Solaris/SunOS, and it has something
> to do with fingerd allowing you to do this:
>
> finger user@host.one@host.two@host.three@so.on
>
> FreeBSD's fingerd lets you do this one, don't know if it hurts or not.

From FreeBSD's fingerd manual page:

     -s      Enable secure mode.  Queries without a user name are rejected and
             forwarding of queries to other remote hosts is denied.

Michal

* Reincarnation: Life sucks, then you die. Then life sucks again.
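Added example, not part of the message above and not FreeBSD's fingerd source: a small C check that applies the two rules quoted from the manual page (no user name, forwarding) to finger query lines in RFC 1288 syntax. The function `check_query`, the verdict names and the sample queries are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Verdicts for one finger query line as received on TCP port 79. */
enum verdict { ALLOW, DENY_NO_USER, DENY_FORWARD };

/* Apply the two rules from the -s description: a query must name a user,
 * and no token may ask for forwarding (contain '@').
 * Hypothetical helper for illustration, not taken from fingerd. */
enum verdict check_query(const char *line)
{
    const char *p = line;
    int users = 0;

    while (*p) {
        p += strspn(p, " \t\r\n");          /* skip blanks and the CRLF */
        if (!*p)
            break;
        size_t len = strcspn(p, " \t\r\n"); /* length of this token */
        /* "/W" is the RFC 1288 verbose switch, not a user name
         * (lower case accepted here as a lenient assumption). */
        int is_switch = len == 2 && p[0] == '/' &&
                        (p[1] == 'W' || p[1] == 'w');
        if (!is_switch) {
            if (memchr(p, '@', len))        /* user@host[@host...] */
                return DENY_FORWARD;
            users++;
        }
        p += len;
    }
    return users ? ALLOW : DENY_NO_USER;
}

int main(void)
{
    /* Constructed sample queries; host names reuse those in the thread. */
    const char *samples[] = {
        "alice\r\n", "/W alice\r\n", "\r\n", "/W\r\n",
        "user@host.one@host.two\r\n", "@host.two\r\n",
    };
    const char *names[] = { "allow", "deny: no user name",
                            "deny: forwarding" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = (int)strcspn(samples[i], "\r\n");
        printf("%-24.*s -> %s\n", n, samples[i],
               names[check_query(samples[i])]);
    }
    return 0;
}
```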