> On Thu, 13 Oct 1994, Tony Jago wrote:
> > example: finger @brolga.cc.uq.oz.au@archie.au
> > I am not sure if this is a "bug" or not but a lot of systems allow this sort
> > of thing. HP-UX doesn't. SunOS does.
>
> I don't think this is a bug. Neither is it a feature..it is a common hack
> many people know but doesn't seem to have a serious security loophole.

There is a serious bug in the Ultrix OS which allows a remote finger request
to dump all known user finger profiles back out to the requestor (this has
been known for quite some time).

Example: finger @@some.ultrix.host.com

This would dump all system known users. The first '@' is translated to a NULL
and fools fingerd into dumping everything.

--

The same hack in a different fashion on SunOS 4.1.x will give random users'
profiles (at least from what I have seen.. At one time I thought not).

Example: finger 23234123123123123@some.sunos.host.com

The rather large number has a strange effect on fingerd -- I haven't looked
closely enough to see what.

--Scott
chasin@crimelab.com
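An added example, not part of the original post and not code from any vendor's fingerd: a request-line check a finger daemon could run before any user lookup, so that a query containing '@' is refused as a forwarding request instead of being rewritten into an empty "list everyone" query, and an odd user name is rejected before it reaches the lookup code. The function name, the MAX_LOGIN limit, the user-name character policy and the sample request lines are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_LOGIN 32   /* assumed local policy limit, not from the thread */

enum fq { FQ_LIST_ALL, FQ_USER, FQ_FORWARD, FQ_REJECT };

/* Classify one finger request line before any lookup is attempted.
 * On FQ_USER the validated name is copied to user[] (capacity cap). */
enum fq classify_query(const char *line, char *user, size_t cap)
{
    const char *p = line, *end = line + strcspn(line, "\r\n");

    if (end - p >= 2 && p[0] == '/' && toupper((unsigned char)p[1]) == 'W')
        p += 2;                          /* optional verbose flag */
    while (p < end && *p == ' ')
        p++;
    if (p == end)
        return FQ_LIST_ALL;              /* only a truly empty query lists users */
    if (memchr(p, '@', (size_t)(end - p)))
        return FQ_FORWARD;               /* never strip '@' and fall through */

    size_t len = (size_t)(end - p);
    if (len > MAX_LOGIN || len >= cap)
        return FQ_REJECT;
    /* Assumed policy: first character is a letter or '_'. */
    if (!isalpha((unsigned char)p[0]) && p[0] != '_')
        return FQ_REJECT;
    for (size_t i = 1; i < len; i++)
        if (!isalnum((unsigned char)p[i]) && !strchr("._-", p[i]))
            return FQ_REJECT;
    memcpy(user, p, len);
    user[len] = '\0';
    return FQ_USER;
}

int main(void)
{
    /* Constructed request lines, modelled on the queries in the thread. */
    const char *in[] = { "\r\n", "/W alice\r\n", "@\r\n",
                         "@brolga.cc.uq.oz.au\r\n", "23234123123123123\r\n" };
    const char *out[] = { "list all", "local user", "forward: refuse", "reject" };
    char user[MAX_LOGIN + 1];
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++)
        printf("%-22.*s -> %s\n", (int)strcspn(in[i], "\r\n"), in[i],
               out[classify_query(in[i], user, sizeof user)]);
    return 0;
}
```

A daemon using this check would answer FQ_FORWARD and FQ_REJECT with a refusal message, and could also be configured to refuse FQ_LIST_ALL.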