
Rexec Service
The rexec service has been found. This service allows a user to execute
commands remotely, and typically requires that user names and passwords be passed in
clear text across the network. Under Windows NT, the Ataman version of this
service writes errors to the application log. The application log is readable
by any user with permission to access the computer from the network, which could
potentially report details about why a given user was unable to log in.
Risk: Low
OS Vulnerable: UNIX, Windows NT
Fix: Comment out rexec from inetd.conf, or under Windows NT open Control Panel,
Services to disable the service.