Rsh Null Account contents.gifindex.gif

Rsh Null Account

Rsh allows users remote access without having to re-authenticate. This vulnerability allows an intruder to log in remotely without a password.

Risk: High

Fix: Disable the rshd daemon or contact your vendor for a patch. To disable rshd, comment out rshd in etc/inetd.conf and kill -HUP inetd.