CVE Vulnerabilities

CVE-2007-4310

Published: Aug 13, 2007 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a finger 9@host command, a different vulnerability than CVE-2001-1503.

Affected Software

Name Vendor Start Version End Version
Sunos Sun 5.7 (including) 5.7 (including)
Sunos Sun 5.8 (including) 5.8 (including)
Sunos Sun 5.9 (including) 5.9 (including)

References