GEN:SID | 1:1541 |
Message | FINGER version query |
Summary | This event is generated when an attempt is made to ascertain which version of fingerd is running on a host.
|
Impact | Information gathering.
|
Detailed Information | This event indicates that an attempt has been made to ascertain which version of the finger daemon is running on a host. This may be the prelude to an attack against that finger daemon.
|
Affected Systems | Any host running fingerd.
|
Attack Scenarios | An attacker can determine which version of fingerd is running then attempt to exploit fingerd if it is found to be vulnerable to attack.
|
Ease of Attack | Simple.
|
Corrective Action | Disallow access to fingerd from sources external to the protected network.
Disable the finger daemon.
|
Additional References | GNU Finger Manual: http://www.gnu.org/software/finger/manual/
|