FINGER_account enumeration attempt

 

Code: p472

Severity: Warning

 

Description: An information leak exploit against the old Solaris finger daemon

Impact: Intelligence gathering activity. The attacker may be trying to obtain a list of accounts on the victim host.

Corrective: Look for other IDS events involving the same IP addresses Check system logs for suspicious logins to the affected system, Disable the fingerd daemon Apply a vendor patch that removes the vulnerability