[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90237-9

Platform: cpe:/o:apple:mac_os_x:10.10Date: (C)2015-06-23   (M)2023-07-04



Verify user who owns the file /usr/bin/rsh The owner of the rsh executable must be root. The rsh utility copies its standard input to the remote command, the standard output of the remote command to its standard output, and the standard error of the remote command to its standard error. Interrupt, quit and terminate signals are propagated to the remote command; rsh normally terminates when the remote command does.


Parameter:

[Root_User]


Technical Mechanism:

/usr/bin/rsh set via chown

CCSS Severity:CCSS Metrics:
CCSS Score : 8.4Attack Vector: LOCAL
Exploit Score: 2.5Attack Complexity: LOW
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25014


OVAL    1
oval:org.secpod.oval:def:25014
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_10

© SecPod Technologies