| Field | Value |
|---|---|
| VID | 14015 |
| Severity | 40 |
| Port | 513 |
| Protocol | TCP |
| Class | R-Command |
| Related URL (CVE) | |
| Related URL (SecurityFocus) | |
| Related URL (ISS) | |

**Detailed Description**

It is possible to log into the affected system through the 'rlogin' service without a password, because the trust relationships defined in /etc/hosts.equiv or ~/.rhosts are too permissive, or because an account has no password set.

References: http://www.iss.net/security_center/static/676.php

**Recommendation**

1. Disable the rlogin service if it is not needed: comment out the "rlogin" line in /etc/inetd.conf and then restart the inetd daemon.
   * Solaris 10, Solaris 11: `# svcadm disable svc:/network/rlogin:default`
   * Enterprise Linux 6.4, CentOS 6.4, Fedora 19: open /etc/xinetd.d/rlogin, set `disable=yes`, and then restart xinetd.
2. Set a password on every account that has none.
3. Remove any '+' entry from ~/.rhosts and /etc/hosts.equiv, and instead list explicitly the hostnames or IP addresses that the rlogin service should trust.
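The following POSIX shell script is an added example, not part of the original record, that audits a host for the three conditions the recommendation addresses: an rlogin service still enabled in inetd.conf or xinetd, accounts with an empty password field, and '+' wildcard entries in hosts.equiv/.rhosts files. The file names under the sample directory, the `make_samples` helper and its contents are constructed for the demonstration; on a real host you would point the functions at /etc/inetd.conf, /etc/xinetd.d/rlogin, /etc/shadow (readable only as root), /etc/hosts.equiv and each user's ~/.rhosts. Matching both "login" and "rlogin" as the inetd service name is an assumption, since the conventional name for TCP port 513 in /etc/services is "login".

```shell
#!/bin/sh
# Added example (not from the original record): audit helpers for the
# rlogin recommendation. Runs against constructed sample files so it is
# safe to execute anywhere.

# Count lines in a hosts.equiv / .rhosts file where any field is a bare '+'
# (trust any host, or any user from a host). Comment lines are ignored.
count_plus_entries() {
    file="$1"
    [ -r "$file" ] || { echo 0; return 0; }
    grep -v '^[[:space:]]*#' "$file" \
        | grep -cE '(^|[[:space:]])[+]([[:space:]]|$)' || true
}

# Count accounts whose password field (second colon-separated field) is empty
# in a shadow- or passwd-format file.
count_empty_passwords() {
    file="$1"
    [ -r "$file" ] || { echo 0; return 0; }
    awk -F: '$2 == "" { n++ } END { print n + 0 }' "$file"
}

# Return 0 when an xinetd service file contains "disable = yes" (or the file
# does not exist at all), 1 when the service is still enabled.
xinetd_service_disabled() {
    file="$1"
    [ -e "$file" ] || return 0
    grep -qiE '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$file"
}

# Return 0 when no active (non-commented) login/rlogin line exists in an
# inetd.conf-style file, 1 otherwise. Service name match is an assumption.
inetd_rlogin_disabled() {
    file="$1"
    [ -e "$file" ] || return 0
    ! grep -qE '^[[:space:]]*(login|rlogin)[[:space:]]' "$file"
}

# Write constructed sample files (mixed good and bad cases) into directory $1.
make_samples() {
    dir="$1"
    printf '# constructed: trusts every host\n+\nbuild.example.internal\n' > "$dir/hosts.equiv"
    printf 'trusted.example.internal alice\n+ +\n' > "$dir/rhosts"
    printf 'root:$6$saltsalt$hashhash:19000:0:99999:7:::\nguest::19000:0:99999:7:::\n' > "$dir/shadow"
    printf 'service login\n{\n\tdisable\t= yes\n\tsocket_type\t= stream\n}\n' > "$dir/xinetd-rlogin"
    printf '#login stream tcp nowait root /usr/sbin/tcpd in.rlogind\nftp stream tcp nowait root /usr/sbin/tcpd in.ftpd\n' > "$dir/inetd.conf"
}

# Audit one directory of files, print each finding, and return 1 if any
# finding exists (so the function can drive a cron alert), 0 otherwise.
audit_dir() {
    dir="$1"
    findings=0
    n=$(count_plus_entries "$dir/hosts.equiv")
    if [ "$n" -gt 0 ]; then echo "hosts.equiv: $n '+' wildcard entries"; findings=$((findings + n)); fi
    n=$(count_plus_entries "$dir/rhosts")
    if [ "$n" -gt 0 ]; then echo ".rhosts: $n '+' wildcard entries"; findings=$((findings + n)); fi
    n=$(count_empty_passwords "$dir/shadow")
    if [ "$n" -gt 0 ]; then echo "shadow: $n account(s) with empty password"; findings=$((findings + n)); fi
    if ! xinetd_service_disabled "$dir/xinetd-rlogin"; then echo "xinetd: rlogin still enabled"; findings=$((findings + 1)); fi
    if ! inetd_rlogin_disabled "$dir/inetd.conf"; then echo "inetd.conf: rlogin still enabled"; findings=$((findings + 1)); fi
    [ "$findings" -eq 0 ]
}

# Demonstration run over the constructed samples.
sample=$(mktemp -d)
make_samples "$sample"
if audit_dir "$sample"; then
    echo "no findings"
else
    echo "findings present, see above"
fi
rm -rf "$sample"
```

On the constructed samples the script reports one '+' entry in hosts.equiv, one in .rhosts and one passwordless account, while the xinetd and inetd.conf fragments are already disabled; replace the sample paths with the real files to audit a host.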