rlogin Service Detection

This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.


Synopsis :

The rlogin service is listening on the remote port.

Description :

The remote host is running the 'rlogin' service. This service is
dangerous in the sense that it is not ciphered - that is, everyone can
sniff the data that passes between the rlogin client and the
rloginserver. This includes logins and passwords.

Also, it may allow poorly authenticated logins without passwords. If
the host is vulnerable to TCP sequence number guessing (from any
network) or IP spoofing (including ARP hijacking on a local network)
then it may be possible to bypass authentication.

Finally, rlogin is an easy way to turn file-write access into full
logins through the .rhosts or rhosts.equiv files.

You should disable this service and use ssh instead.

Solution :

Comment out the 'login' line in /etc/inetd.conf

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: Service detection

Nessus Plugin ID: 10205 ()

Bugtraq ID:

CVE ID: CVE-1999-0651