CVE-2001-1503

2001-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sun solaris

sunos

cve-2001-1503

in.fingerd

fingerprint daemon

remote attacker

host account.list.

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

58.7%

JSON

The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger ‘a b c d e f g h’@host.

CPENameOperatorVersion
sun:sunossun sunoseq5.5
sun:solarissun solariseq2.5.1
sun:solarissun solariseq2.5
sun:sunossun sunoseq5.8
sun:sunossun sunoseq5.7
sun:sunossun sunoseq5.5.1
sun:solarissun solariseq7.0
sun:sunossun sunoseq5.6
sun:solarissun solariseq2.6
sun:solarissun solariseq8.0

CPE	Name	Operator	Version
sun:sunos	sun sunos	eq	5.5
sun:solaris	sun solaris	eq	2.5.1
sun:solaris	sun solaris	eq	2.5
sun:sunos	sun sunos	eq	5.8
sun:sunos	sun sunos	eq	5.7
sun:sunos	sun sunos	eq	5.5.1
sun:solaris	sun solaris	eq	7.0
sun:sunos	sun sunos	eq	5.6
sun:solaris	sun solaris	eq	2.6
sun:solaris	sun solaris	eq	8.0