Versions of fingerd older than November 1988 contain a bug. Older versions should be replaced with a newer version.
The finger command, as well as rexec, rwho, rusers, netstat and systat, reveal information which may be valuable to potential crackers. Information revealed may be used to monitor login and network activity or to guess passwords. To improve security, it is recommended that theses services be disabled.