rsh NULL Login Remote Privilege Escalation

Critical Nessus Plugin ID 10096


Arbitrary commands can be run on this host.


It is possible to execute arbitrary command on this host using rsh by supplying a NULL username.


Configure rsh properly or disable it.

Plugin Details

Severity: Critical

ID: 10096

File Name: rsh_null.nasl

Version: $Revision: 1.15 $

Type: remote

Published: 2002/07/25

Modified: 2013/01/25

Dependencies: 10245, 17975

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: rsh/active

Vulnerability Publication Date: 1995/03/11

Reference Information

CVE: CVE-1999-0180

OSVDB: 11523