On Thu, 13 Oct 1994, Scott Chasin wrote: > There is a serious bug in the Ultrix OS which allows a remote finger > request to dump all known user finger profiles back out to the > requestor (this has been known for quite some time). > > Example: finger @@some.ultrix.host.com > > This would dump all system known users. The first '@' is translated to > a NULL and fools fingerd into dumping everything. > > -- > > The same hack in a different fashion on SunOS 4.1.x will give random users > profiles (at least from what I have seen.. At one time I thought not). > > Example: finger 23234123123123123@some.sunos.host.com > > The rather large number has strange effect on fingerd -- I haven't looked > close enought to see what. > > --Scott > chasin@crimelab.com Try 'finger 0@some.sunos.host.com'. There's code in finger to determine which building a person is in, and they're numbered. Berkeley buildings, I think. It was in the comp.sys.bugs.bsd (or some permutation thereof) a while back. (I couldn't *get* any more vague, sorry.) ObBug: Ooops, just used it. -- Charles Howes -- chowes@helix.net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971