Information Disclosure Vulnerability in Finger Command on Various Systems
CVE-1999-0197

Currently unrated

Key Information:

Vendor: Various
Status: Finger Command
Vendor: CVE Published:; 1 January 1999

What is CVE-1999-0197?

The finger command on certain Unix or Unix-like systems can unintentionally expose sensitive information by displaying details on user accounts. When executed with the appropriate parameters, it may reveal account names and statuses, potentially allowing unauthorized users to glean intelligence about available user accounts and their statuses on the system. This vulnerability can increase the risks of targeted attacks or unauthorized access, making it essential for system administrators to implement measures to mitigate this exposure.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/8378

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jan 1, 1999