| VID |
14114 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
Remote access through 'r'command may be used for * NET Backup or other purposes, but it is very vulnerable to security, so if the service port is open, it may cause infringement such as leakage of
important information and system failure. If this is inevitable, you should set the /etc/hosts.equiv file user to root or the appropriate account and set the permissions to 600.
* Affected platforms:
UNIX, Linux |
| Recommendation |
Change the owner or authority of /etc/hosts.equiv as follows:
1. Change the owner of the "/etc/hosts.equiv" file to root or to the appropriate account
#chown root /etc/hosts.equiv
2. Change permissions of "/etc/hosts.equiv" file to below 600
#chmod 600 /etc/hosts.equiv |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
