Detections
Analytics

1.54 RHEL-09-215035

Information

RHEL 9 must not have the rsh-server package installed.

GROUP ID: V-257830
RULE ID: SV-257830r958478

The "rsh-server" service provides unencrypted remote access service, which does not provide for the confidentiality and integrity of user passwords or the remote session and has very weak authentication. If a privileged user were to login using this service, the privileged user password could be compromised. The "rsh-server" package provides several obsolete and insecure network services. Removing it decreases the risk of accidental (or intentional) activation of those services.

Solution

Remove the rsh-server package with the following command:

$ sudo dnf remove rsh-server

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, 800-53|CM-7a., CAT|II, CCI|CCI-000381, Rule-ID|SV-257830r958478_rule, STIG-ID|RHEL-09-215035, Vuln-ID|V-257830

Plugin: Unix

Control ID: 55c192ee197d0275e5e29b508e614f4c66951de02bdae6581eff314f59e0a7f5