CVE-1999-0492

ffingerd 1.19 - User Enumeration via Response Analysis

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0492. PoCs published by Eilon Gishri.

AI-analyzed exploit summary This is a writeup describing an information leakage vulnerability in Ffingerd 1.19, where the presence or absence of a trailing period in error messages reveals whether a username exists on the system.

Description

The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Eilon Gishri · textremoteunix
https://www.exploit-db.com/exploits/20327

This is a writeup describing an information leakage vulnerability in Ffingerd 1.19, where the presence or absence of a trailing period in error messages reveals whether a username exists on the system.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Ffingerd 1.19
No auth needed
Prerequisites: network access to the target system's finger service
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0492

Scores

EPSS 0.0919
EPSS Percentile 94.7%

Details

Status published
Published Apr 23, 1999
Tracked Since Feb 18, 2026