Multiple Unix 'r' Services Weak Authentication

1990-01-01T00:00:00
ID OSVDB:193
Type osvdb
Reporter OSVDB
Modified 1990-01-01T00:00:00

Description

Vulnerability Description

This host is running the 'rsh' service, which allows arbitrary commands to be run on the host using normal 'r' utility authentication. Usernames and passwords are passed across the network in plaintext, so an attacker may be able to sniff them and gain access to this host. This vulnerability may be a false positive on hosts protected by certain application-level firewalls, or on the firewalls themselves, such as a Raptor Firewall or TIS Firewall Toolkit. On these systems a connection is not refused, but is established and then immediately closed.
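The false-positive case described above (connection established, then immediately closed) can be told apart from a refused port and from a connection that stays open with a plain TCP connect check. This is an added example, not part of the original entry; port 514 (the standard rsh port), the function names and the verdict wording are assumptions, and the loopback listeners are constructed stand-ins for a proxy-like and a holding endpoint.

```python
import socket
import threading

RSH_PORT = 514  # assumption: standard rsh ("shell") TCP port, not given on the page

VERDICT = {
    "open": "report: service accepts and holds the connection",
    "closed_immediately": "verify manually: possible firewall false positive",
    "refused": "no finding: nothing is listening",
    "unreachable": "no finding: host or port did not answer",
}

def classify_connect(host, port=RSH_PORT, wait=1.0):
    """Classify one TCP connect attempt without sending any data."""
    try:
        sock = socket.create_connection((host, port), timeout=wait)
    except ConnectionRefusedError:
        return "refused"
    except OSError:  # timeouts, no route, and similar
        return "unreachable"
    with sock:
        sock.settimeout(wait)
        try:
            data = sock.recv(1)
        except socket.timeout:
            return "open"  # peer kept the connection open
        except ConnectionResetError:
            return "closed_immediately"
        # An empty read means the peer closed right after accepting.
        return "open" if data else "closed_immediately"

def constructed_listener(hold_seconds):
    """Loopback stand-in: accept one connection, hold it, then close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        threading.Event().wait(hold_seconds)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    for label, hold in (("proxy-like", 0), ("holding", 2)):
        state = classify_connect("127.0.0.1", constructed_listener(hold), 0.5)
        print(label, "->", state, "|", VERDICT[state])
```

A "closed_immediately" result is inconclusive on its own, so it is routed to manual verification instead of being reported as a confirmed finding.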

References:

ISS X-Force ID: 92
ISS X-Force ID: 2995
CVE-1999-0651