[4577] in bugtraq
Re: cfingerd vulnerability
daemon@ATHENA.MIT.EDU (Alan Brown)
Mon May 26 13:49:55 1997
Date: Mon, 26 May 1997 18:40:40 +1200
Reply-To: Alan Brown <alan@MANAWATU.GEN.NZ>
From: Alan Brown <alan@MANAWATU.GEN.NZ>
X-To: Ken Hollis <khollis@POWERBOX.NORTHWEST.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.95.970524223046.28316B-100000@powerbox.northwest.com>
For those who don't want to run cfingerd, sfingerd may be better suited.
This is safe fingerd. User directories aren't looked at directly, if a
user wants to be listed, their details go into a sfingerd directory.
This gets around the privacy issues associated with finger daemons in
many countries - only those who want to be found will be found.
ftp://hplyot.obspm.fr/net/sfingerd*.tar.gz
