From owner-freebsd-hackers Mon Mar 13 14:20:58 1995 Return-Path: hackers-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id OAA00544 for hackers-outgoing; Mon, 13 Mar 1995 14:20:58 -0800 Received: from gndrsh.aac.dev.com (gndrsh.aac.dev.com [198.145.92.241]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id OAA00538 for ; Mon, 13 Mar 1995 14:20:55 -0800 Received: (from rgrimes@localhost) by gndrsh.aac.dev.com (8.6.8/8.6.6) id MAA08578; Mon, 13 Mar 1995 12:44:50 -0800 From: "Rodney W. Grimes" Message-Id: <199503132044.MAA08578@gndrsh.aac.dev.com> Subject: Re: finger @ bug (fwd) To: Remy.Card@masi.ibp.fr (Remy CARD) Date: Mon, 13 Mar 1995 12:44:49 -0800 (PST) Cc: hackers@FreeBSD.org In-Reply-To: <199503131944.UAA10022@hebe.ibp.fr> from "Remy CARD" at Mar 13, 95 08:44:27 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 789 Sender: hackers-owner@FreeBSD.org Precedence: bulk > > > This has just been sent to the linux-security mailing list. Since > the FreeBSD's fingerd also has the bug, could someone please integrate the > fix? The security report is wrong about FreeBSD: gndrsh:rgrimes {207} finger rgrimes@gndrsh.aac.dev.com@hookturn.aac.dev.com [hookturn.aac.dev.com] forwarding service denied You have new mail. gndrsh:rgrimes {208} FreeBSD (atleast -current, and from looking at the cvs logs 2.0 and latter) does not have this bug! > > Remy ... > > Hi, > > > > in.fingerd has a bug which allows "recursive" fingering. For example: > > > > finger user@host.other.domain@host.domain ... -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Custom computers for FreeBSD