| VID |
17031 |
| Severity |
20 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The rusersd RPC service is running. It provides an attacker interesting informations such as how often the system is being used, the names of the users, and so on.
and there is a potential bug in older versions of this service that allow an intruder to execute arbitrary commands on your system. |
| Recommendation |
Disable the 'rusersd' rpc service if it's not needed, or use it after asking to the vendor whether not to be vulnerable.
To disable 'rqoutad' service,
first, you become a root, and then stop the service like the following:
# rpcinfo -d 100002 [version num]
And comment its entry by putting a # at the beginning of the line and revoke 'inetd' daemon.
Solaris 10, Solaris 11, Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
1. you become a root, and then stop the service like the following:
# rpcinfo -d [program num] [version num]
2. comment its entry by putting a # at the beginning of the line with 'rusersd' in /etc/rpc
3. # pkill -HUP (x)inetd |
| Related URL |
CVE-1999-0626 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
