Lucene search
HistoryAug 13, 2007 - 9:17 p.m.
CVE-2007-4310
cve-2007-4310
sun solaris
finger daemon
remote code execution
security vulnerability
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.008 Low
EPSS
Percentile
81.2%
The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a “finger 9@host” command, a different vulnerability than CVE-2001-1503.
Related
prion
prion
Command injection
2007-08-13 21:17:00
cvelist
cvelist
CVE-2007-4310
2007-08-13 21:00:00
CVE-2001-1503
2005-06-21 04:00:00
securityvulns
securityvulns
Solaris finger bug
2007-07-28 00:00:00
openvas
openvas
Solaris Update for in.fingerd 111232-01
2009-06-03 00:00:00
Solaris Update for in.fingerd 111232-01
2009-06-03 00:00:00
nessus
nessus
Solaris in.fingerd Unused Accounts Disclosure
2001-10-22 00:00:00
cve
cve
CVE-2001-1503
2001-12-31 05:00:00
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.008 Low
EPSS
Percentile
81.2%
Related for CVE-2007-4310