
Rsh Null Account
Rsh allows users remote access without having to re-authenticate. This
vulnerability allows an intruder to log in remotely without a password.
Risk: High
Fix: Disable the rshd daemon or contact your vendor for a patch. To disable rshd,
comment out rshd in etc/inetd.conf and kill -HUP inetd.