You could pipe from finger, then print the output. I don't know about security issues re: finger, but you should definitely untaint the stuff you're passing into the system. You should do a safe pipe open as described in perlipc.

Or perhaps there's a module for finger... aha: Net::Finger. From the docs:

    $response = finger('corbeau@execpc.com');
    unless ($response) {
        warn "Finger problem: $Net::Finger::error";
    }
[download]

Probably best off using that then.