FINGER_null request


Code: p473

Severity: Warning


Description: This event is generated when a null character in a Finger request is detected.

Impact: Some systems will respond to a null finger request by supplying a list of usernames present on the host. Disclosure of usernames is an Information Gathering risk. The remote user can use this information in other exploits that require knowing user names, or as a basis for social engineering.

Corrective: Disable the finger daemon in inetd.conf, or block untrusted access to port 79 using a packet filtering firewall.