This script is Copyright (C) 2002-2012 Tenable Network Security, Inc.
It is possible to connect to this host as 'root' without a password.
The remote /bin/login seems to be affected by a 'forced root login'
vulnerability. By attempting to connet via rlogin and forcing it to
use the root account (rlogin -froot), any attacker may use this flaw
to gain remote root access on this system.
Upgrade your /bin/login, or comment out the 'rlogin' line in
/etc/inetd.conf and restart the inetd process
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 10161 ()
Bugtraq ID: 458
CVE ID: CVE-1999-0113
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.