Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1503

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-1503
Last Modified 05 Sep 2008 04:26:43
Published 31 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1503

Summary

The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.

Vulnerable Systems

Operating System

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sunos 5.5

  • Sunos 5.5.1

  • Sunos 5.6

  • Sunos 5.7

  • Sunos 5.8


References

XF - solaris-fingerd-list-accounts(7334)

BID - 3457

SUNALERT - 27116

VULNWATCH - 20011022 Solaris fingerd disclose complete user list


Last Updated: 27 May 2016 10:36:42