How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>


RFC 1288 http://tools.ietf.org/html/rfc1288

The Finger user information protocol is a simple protocol which provides an interface to a remote user information program. It is a protocol for the exchange of user information. based on the Transmission Control Protocol, using TCP port 79 decimal (117 octal). The local host opens a TCP connection to a remote host on the Finger port. An RUIP becomes available on the remote end of the connection to process the request. The local host sends the RUIP a one line query based upon the Finger query specification, and waits for the RUIP to respond. The RUIP receives and processes the query, returns an answer, then initiates the close of the connection. The local host receives the answer and the close signal, then proceeds closing its end of the connection.

This protocol displays data. Any data transferred must be in ASCII format, with no parity, and with lines ending in CRLF (ASCII 13 followed by ASCII 10). This excludes other character formats such as EBCDIC, etc. This also means that any characters between ASCII 128 and ASCII 255 should truly be international data, not 7-bit ASCII with the parity bit set. Note: if ASCII 13 followed by ASCII 10 transferred the character wonít display (because the only meaning is to end the line).

Vulnerabilities for this protocol (from CVE)

CVE ID Protocol Source Port Targetport
CVE-1999-0612tcpany79
Description: A version of finger is running that exposes valid user information to any entity on the network.
CVE-1999-0259tcpany79
Description: cfingerd lists all users on a system via search.**@target.
CVE-1999-0152tcpany79
Description: The DG/UX finger daemon allows remote command execution through shell metacharacters.
CVE-1999-0150tcpany79
Description: The Perl fingerd program allows arbitrary command execution from remote users.
CVE-1999-0198tcpany79
Description: The Perl fingerd program allows arbitrary command execution from remote users.
CVE-1999-0197tcpany79
Description: The Perl fingerd program allows arbitrary command execution from remote users.
CVE-1999-0106tcpany79
Description: The Perl fingerd program allows arbitrary command execution from remote users.
CVE-1999-0105tcpany79
Description: The Perl fingerd program allows arbitrary command execution from remote users.

TCP/IP Protocols:

AHARP/RARPATMPBGP-4COPSDCAPDHCPDNS
DVMRPEGPEIGRPESPFANPFingerFTPHSRP
HTTPICMPICMPv6IGMPIGRPIMAP4IPIPDC
IPv6ISAKMPL2FL2TPLDAPMARSMobile IPNARP
NetBIOS/IPNHRPNTPOSPFPIMPOP3PPTPRadius
RIP2RIPng for IPv6RLOGINRSVPRTSPRUDPS-HTTPSCTP
SLPSMTPSNMPSOCKS V5TACACSTALITCPTELNET
TFTPUDPVan JacobsonVRRPWCCPX-WindowXOT