rsh Unauthenticated Access (via finger Information)

This script is Copyright (C) 2000-2013 Tenable Network Security, Inc.


Synopsis :

It was possible to log on this machine without password.

Description :

Using common usernames as well as the usernames reported by 'finger',
Nessus was able to log in through rsh. Either the accounts are not
protected by passwords or the ~/.rhosts files are not configured
properly.

This vulnerability is confirmed to exist in Cisco Prime LAN Management
Solution, but could be present on any host that is not securely
configured.

Solution :

If the remote host is a Cisco Prime LAN Management Solution virtual
appliance, apply the relevant patch referenced in Cisco security
advisory cisco-sa-20130109-lms.

Otherwise, remove the .rhosts files or set a password on the impacted
accounts.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 10380 ()

Bugtraq ID: 57221

CVE ID: CVE-2012-6392