Description
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7334
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0016.html
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-27116-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3457
Scores
EPSS
0.0026
EPSS Percentile
49.6%
Details
Status
published
Products (11)
sun/solaris
2.5
sun/solaris
2.5.1
sun/solaris
2.6
sun/solaris
7.0
sun/solaris
8.0
sun/sunos
sun/sunos
5.5 (2 CPE variants)
sun/sunos
5.5.1 (2 CPE variants)
sun/sunos
5.6 (2 CPE variants)
sun/sunos
5.7 (2 CPE variants)
... and 1 more
Published
Dec 31, 2001
Tracked Since
Feb 18, 2026