Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Useless services >> Rsh Server Detection


Vulnerability Assessment Details

Rsh Server Detection

Vulnerability Assessment Summary
Searches for the existence of rsh

Detailed Explanation for this Vulnerability Assessment

Summary :

The rsh service is running.

Description :

The remote host is running the 'rsh' service. This service is dangerous in
the sense that it is not ciphered - that is, everyone can sniff the data
that passes between the rsh client and the rsh server. This includes logins
and passwords.

Also, it may permit poorly authenticated logins without passwords. If the
host is vulnerable to TCP sequence number guessing (from any network)
or IP spoofing (including ARP hijacking on a local network) then it may
be possible to bypass authentication.

Finally, rsh is an easy way to turn file-write access into full logins
through the .rhosts or rhosts.equiv files.

You should disable this service and use ssh instead.

Solution :

Comment out the 'rsh' line in /etc/inetd.conf

Network Security Threat Level:

Low / CVSS Base Score : 2
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:C)

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors


Dell Precision T5600/t5610 Xeon E5-2670 2.6Ghz 16GB DDR3 RAM NO HDD Nvidia picture

Dell Precision T5600/t5610 Xeon E5-2670 2.6Ghz 16GB DDR3 RAM NO HDD Nvidia

$80.00



HP Z820 Workstation 2x Xeon E5-2690 2.9ghz 16-Cores / 128gb Ram / 1Tb HD / Win10 picture

HP Z820 Workstation 2x Xeon E5-2690 2.9ghz 16-Cores / 128gb Ram / 1Tb HD / Win10

$419.99



Matched Pair __ Intel Xeon Gold 6152 2.1Ghz 22-Core 140W CPU SR3B4 picture

Matched Pair __ Intel Xeon Gold 6152 2.1Ghz 22-Core 140W CPU SR3B4

$209.95



Dell Precision 5810 Workstation Xeon E5-1650 6C 3.5GHz 16GB 500GB Win10 K2200 picture

Dell Precision 5810 Workstation Xeon E5-1650 6C 3.5GHz 16GB 500GB Win10 K2200

$124.67



SR1XP Intel Xeon E5-2680 v3 12 Core 30MB 2.5GHz LGA 2011-3 Grade A Processor picture

SR1XP Intel Xeon E5-2680 v3 12 Core 30MB 2.5GHz LGA 2011-3 Grade A Processor

$3.97



Intel Xeon E5-2697 V4 2.30 GHz 18C 2011-3 2400MHz 45MB 145W SR2JV CPU Processor picture

Intel Xeon E5-2697 V4 2.30 GHz 18C 2011-3 2400MHz 45MB 145W SR2JV CPU Processor

$49.99



Intel Xeon E5-2697A v4 SR2K1 2.60GHz 40MB 16-Core LGA2011-3 CPU Processor picture

Intel Xeon E5-2697A v4 SR2K1 2.60GHz 40MB 16-Core LGA2011-3 CPU Processor

$39.99



Intel Xeon W-2145 8-Core 3.70GHz 11MB LGA2066 Processor SR3LQ picture

Intel Xeon W-2145 8-Core 3.70GHz 11MB LGA2066 Processor SR3LQ

$100.00



HP Z420 Workstation Xeon E5-2690 2.9ghz 8-Cores / 32gb / 1TB / DVD /  Win10 picture

HP Z420 Workstation Xeon E5-2690 2.9ghz 8-Cores / 32gb / 1TB / DVD / Win10

$119.99



Intel Xeon E5-2697A V4 2.6GHz 16-Core Processor CPU LGA2011 SR2K1 picture

Intel Xeon E5-2697A V4 2.6GHz 16-Core Processor CPU LGA2011 SR2K1

$47.99



Discussions

No Discussions have been posted on this vulnerability.