Date: Mon, 13 Mar 1995 12:44:49 -0800 (PST) From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com> To: Remy.Card@masi.ibp.fr (Remy CARD) Cc: hackers@FreeBSD.org Subject: Re: finger @ bug (fwd) Message-ID: <199503132044.MAA08578@gndrsh.aac.dev.com> In-Reply-To: <199503131944.UAA10022@hebe.ibp.fr> from "Remy CARD" at Mar 13, 95 08:44:27 pm
next in thread | previous in thread | raw e-mail | index | archive | help
>
>
> This has just been sent to the linux-security mailing list. Since
> the FreeBSD's fingerd also has the bug, could someone please integrate the
> fix?
The security report is wrong about FreeBSD:
gndrsh:rgrimes {207} finger rgrimes@gndrsh.aac.dev.com@hookturn.aac.dev.com
[hookturn.aac.dev.com]
forwarding service denied
You have new mail.
gndrsh:rgrimes {208}
FreeBSD (atleast -current, and from looking at the cvs logs 2.0 and
latter) does not have this bug!
>
> Remy
...
> > Hi,
> >
> > in.fingerd has a bug which allows "recursive" fingering. For example:
> >
> > finger user@host.other.domain@host.domain
...
--
Rod Grimes rgrimes@gndrsh.aac.dev.com
Accurate Automation Company Custom computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199503132044.MAA08578>