From owner-freebsd-hackers  Mon Mar 13 11:46:15 1995
Return-Path: hackers-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id LAA16406 for hackers-outgoing; Mon, 13 Mar 1995 11:46:15 -0800
Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id LAA16400 for <hackers@freebsd.org>; Mon, 13 Mar 1995 11:46:11 -0800
Received: from masi.ibp.fr (masi.ibp.fr [132.227.60.23])
	by ibp.ibp.fr (8.6.11/jtpda-5.0) with ESMTP id UAA17708
	for <hackers@freebsd.org>; Mon, 13 Mar 1995 20:46:07 +0100
Received: from hebe.ibp.fr (hebe.ibp.fr [132.227.64.34])
	by masi.ibp.fr (8.6.11/jtpda-5.0) with ESMTP id UAA20126
	for <hackers@freebsd.org>; Mon, 13 Mar 1995 20:44:49 +0100
From: Remy.Card@masi.ibp.fr (Remy CARD)
Received: by hebe.ibp.fr
	(8.6.10/jtpda-5.0) id UAA10022
	for hackers@freebsd.org; Mon, 13 Mar 1995 20:44:28 +0100
Message-Id: <199503131944.UAA10022@hebe.ibp.fr>
Subject: finger @ bug (fwd)
To: hackers@FreeBSD.org
Date: Mon, 13 Mar 1995 20:44:27 +0100 (MET)
X-Mailer: ELM [version 2.4 PL21]
Content-Type: text
Content-Length: 1259      
Sender: hackers-owner@FreeBSD.org
Precedence: bulk


	This has just been sent to the linux-security mailing list.  Since
the FreeBSD's fingerd also has the bug, could someone please integrate the
fix?

		Remy

Forwarded message:
> Subject: finger @ bug
> To: linux-security@tarsier.cv.nrao.edu
> Date: Mon, 13 Mar 1995 14:58:31 +0100 (MEZ)
> From: Marek Michalkiewicz <ind43@ci3ux.ci.pwr.wroc.pl>
> 
> Hi,
> 
> in.fingerd has a bug which allows "recursive" fingering.  For example:
> 
> finger user@host.other.domain@host.domain
> 
> The bug is known for quite some time, and is not Linux-specific (it exists
> at least in SunOS, Solaris, SCO, IRIX, FreeBSD - but has been fixed in HP-UX
> for example).  It has some security implications: if you only allow finger
> access from local domain, you must do this on all machines in local domain.
> and it makes denial of service attack possible, especially on smaller Linux
> boxes (by forking lots of processes).
> 
> I have sent a patch for this to Florian.  You can get fixed in.fingerd
> source from ftp://ftp.ists.pwr.wroc.pl/pub/linux/bugfixes/fingerd.tar.gz
> or wait for a new NetKit-B release.
> 
> BTW, linux.nrao.edu has this problem too...
> 
> Regards,
> -- 
> Marek Michalkiewicz
> marekm@i17linuxa.ists.pwr.wroc.pl || ind43@ci3ux.ci.pwr.wroc.pl
>