Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4310

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4310
Last Modified 05 Sep 2008 05:27:55
Published 13 Aug 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4310

Summary

The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.

Vulnerable Systems

Operating System

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

BUGTRAQ - 20070727 Re: Solaris finger bug

BUGTRAQ - 20070727 Solaris finger bug

SREASON - 2996


Last Updated: 27 May 2016 10:45:50