VID 14030
Severity 40
Port 512
Protocol TCP
Class R-Command
Detailed Description An accessible account is detected through rexec. Remote attackers can gain access to the system using easily guessable or default passwords.
The rexec service allows a user to execute commands on a remote host, and typically requires that the username and password be passed in plaintext across the network. Rexec uses weak authentication mechanisms and has historically been used by attackers to penetrate systems. The rsh/rlogin/rexec services are active by default in the inetd.conf file on many systems.

* References:
http://www.iss.net/security_center/static/41.php
http://www.iss.net/security_center/reference/vulntemp/rexec-default.htm
Recommendation Consider disabling rexec on the system. The Unix "r services" are clearly risky access channels to a system and are among the first services disabled when securing a computer.
To disable the rexec service, comment the associated entry out in the file /etc/inetd.conf, then restart inetd.

Solaris 10, Solaris 11:
# svcadm disable svc:/network/rexec:default

Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
Open /etc/xinetd.d/rexec, set disable = yes, and then restart xinetd.
-- OR --

Remove the Rexec account if it is not needed or change the password to something difficult to guess.
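The inetd.conf and xinetd steps above can be checked and applied mechanically. The following POSIX shell script is an added example written for this page; it is not part of the original advisory or of any vendor tool. It takes the configuration file paths as parameters (so it can be run against copies before touching /etc), reports whether the rexec entry (service name "exec", port 512/tcp) is active, and disables it the way the recommendation describes: commenting the inetd.conf line out, or setting disable = yes in the xinetd service file (adding the line if the file has none). The sample configuration contents written by make_sample_configs are constructed for the demonstration. Restarting inetd or xinetd afterwards, and the Solaris svcadm command, are left as the separate steps the recommendation already lists.

```shell
#!/bin/sh
# Added example (not from the original advisory): audit and disable the rexec
# service in inetd.conf and xinetd-style service files. All functions take the
# file path as $1 so they can be exercised on copies of the real files.

# Print 1 if the inetd.conf at $1 has an active (uncommented) "exec" entry, else 0.
inetd_rexec_enabled() {
    if grep -Eq '^[[:space:]]*exec[[:space:]]' "$1"; then echo 1; else echo 0; fi
}

# Comment out every active "exec" line in the inetd.conf at $1, keeping a .bak copy.
# Other services in the file are left untouched. inetd must be restarted afterwards.
inetd_disable_rexec() {
    cp "$1" "$1.bak"
    sed -E 's/^([[:space:]]*exec[[:space:]])/#\1/' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# Print 1 if the xinetd service file at $1 would start the service, else 0.
# xinetd treats the service as enabled unless it carries "disable = yes"
# (whitespace around "=" is allowed); a missing file means no service is defined.
xinetd_rexec_enabled() {
    if [ ! -f "$1" ]; then echo 0; return; fi
    if grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$1"; then echo 0; else echo 1; fi
}

# Set "disable = yes" in the xinetd service file at $1: rewrite an existing
# disable line, or insert one right after the opening brace of the service block.
# xinetd must be restarted afterwards.
xinetd_disable_rexec() {
    cp "$1" "$1.bak"
    if grep -Eq '^[[:space:]]*disable[[:space:]]*=' "$1"; then
        sed -E 's/^([[:space:]]*disable[[:space:]]*=[[:space:]]*).*/\1yes/' "$1" > "$1.tmp"
    else
        awk '{ print } /^[[:space:]]*[{]/ { print "\tdisable\t\t= yes" }' "$1" > "$1.tmp"
    fi
    mv "$1.tmp" "$1"
}

# Write constructed sample files (inetd.conf and xinetd.d/rexec) under directory $1.
make_sample_configs() {
    mkdir -p "$1/xinetd.d"
    cat > "$1/inetd.conf" <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd
exec    stream  tcp     nowait  root    /usr/sbin/tcpd  in.rexecd
login   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rlogind
EOF
    cat > "$1/xinetd.d/rexec" <<'EOF'
# constructed sample /etc/xinetd.d/rexec
service exec
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.rexecd
        disable         = no
}
EOF
}

# Demonstration on a throwaway copy: audit, disable, audit again.
demo_dir=$(mktemp -d)
make_sample_configs "$demo_dir"
echo "inetd.conf rexec enabled before: $(inetd_rexec_enabled "$demo_dir/inetd.conf")"
inetd_disable_rexec "$demo_dir/inetd.conf"
echo "inetd.conf rexec enabled after:  $(inetd_rexec_enabled "$demo_dir/inetd.conf")"
echo "xinetd rexec enabled before: $(xinetd_rexec_enabled "$demo_dir/xinetd.d/rexec")"
xinetd_disable_rexec "$demo_dir/xinetd.d/rexec"
echo "xinetd rexec enabled after:  $(xinetd_rexec_enabled "$demo_dir/xinetd.d/rexec")"
rm -rf "$demo_dir"
```

To use it against a live system, run the audit functions on the real paths first (/etc/inetd.conf, /etc/xinetd.d/rexec), then apply the disable function and restart the corresponding daemon; the .bak copies allow the change to be reverted.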