Rsh contents.gifindex.gif

Rsh

The rsh vulnerability occurs when the /etc/hosts.equiv file contains an entry with a + in it by default. An intruder can log in from anywhere without a password.

Risk: High

OS Vulnerable: All (especially SunOS 4.x)

Fix: Remove the + from hosts.equiv.

Advisories: CA-91:12.Trusted.Hosts.Configuration.vulnerability , CA-92:03.Internet.Intruder.Activity, CA-92:14.Altered.System.Binaries.Incident