[7527] in bugtraq
Solaris 2.5.1/2.6 fingerd bug
daemon@ATHENA.MIT.EDU (Fiji)
Wed Aug 5 12:40:55 1998
Date: Wed, 5 Aug 1998 11:39:02 -0400
Reply-To: Fiji <jfay@STETSON.EDU>
From: Fiji <jfay@STETSON.EDU>
To: BUGTRAQ@NETSPACE.ORG
Well it seems that Sun reintroduced the finger forwarding and finger DoS
into Solaris 2.5.1 and 2.6.
try finger @host@host@host....145 times.... This should run the # of
processes in excess of 1500 and shoot the system load up to at least 13.5.
You can also do a finger @hosta@hostb where hostb is a machine running
2.5.1 or 2.6. Now this has not been confirmed on Solaris (x86). The bug id
is 4161606 but yet there is no patch available as of today.
-Fiji
