by Josh Patterson
1. August 2010 12:10
Interestingly enough, just a week after I posted to my blog about the possibility of an entry about exploits, I receive an email about an exploit of one of my oldest (and most embarrassing) socket applications: "Finger Server". If you're under 20 years old at the time of this posting then you may need to perform a search for the term "finger Protocol".
I do not really care much for this application anymore but I'm not going to leave a utility with a known vulnerability available via a security website. That wouldn't seem right.
So, what's the exploit? What might one gain from exploiting the server? How can I fix it?
Fortunately, these are all pretty easy to answer when it comes to this application, mainly, because I have the source code and secondly because the heart of the program is only roughly 50 lines of C code. Yea, that'll be easy to patch up!
Subscribe