Vulnerability Description
The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Sunos | 5.7 |
References
- http://securityreason.com/securityalert/2996
- http://www.securityfocus.com/archive/1/474858/100/100/threaded
- http://www.securityfocus.com/archive/1/474927/100/100/threaded
- http://securityreason.com/securityalert/2996
- http://www.securityfocus.com/archive/1/474858/100/100/threaded
- http://www.securityfocus.com/archive/1/474927/100/100/threaded
FAQ
What is CVE-2007-4310?
CVE-2007-4310 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstra...
How severe is CVE-2007-4310?
CVE-2007-4310 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4310?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Sunos.