
Rexd
When rexd is running on a remote system, anyone with a program emulating the
'on' command can gain shell access, which in turn provides access to the
password file and other files. This option checks to see if rexd is running.
Risk: High
Fix: You should disable rexd. Place a # at the beginning of the rexd line in the
file /etc/inetd.conf, and then send the SIGHUP signal to the inetd process. The
disabled entry should resemble this one:
Sun OS Patch ID: 100421-XX at