Signature Detail

FINGER: Redirection

This signature detects attempts to exploit the FINGER service. Attackers can remotely send requests to the FINGER server for redirection to another FINGER server, allowing requests to "bounce" through the target-host finder daemon.

Extended Description

Recursive Finger queries may be leveraged to gather information on users and hosts anonymously. It could also be possible for an attacker to create a denial of service by creating an infinite query loop or "finger bomb".

References

• CVE: CVE-1999-0106
• URL: http://www.iss.net/security_center/advice/Intrusions/2001102/default.htm