[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91914-2

Platform: ubuntu16.04Date: (C)2018-07-09   (M)2022-10-10



Ensure rsh server is not enabled The Berkeley rsh-server (rsh, rlogin, rcp) package contains legacy services that exchange credentials in clear-text.


Parameter:


Technical Mechanism:

These legacy service contain numerous security exposures and have been replaced with the more secure SSH package. Fix: "Remove or comment out any shell, login, or exec lines in /etc/inetd.conf: ""#shell stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rshd #login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind #exec stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rexecd"""

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:46175


OVAL    1
oval:org.secpod.oval:def:46175

© SecPod Technologies