rexecd Service Detection

critical Nessus Plugin ID 10203

Language:

Synopsis

The rexecd service is running on the remote host.

Description

The rexecd service is running on the remote host. This service is design to allow users of a network to execute commands remotely.
However, rexecd does not provide any good means of authentication, so it may be abused by an attacker to scan a third-party host.

Solution

Comment out the 'exec' line in /etc/inetd.conf and restart the inetd process.

Plugin Details

Severity: Critical

ID: 10203

File Name: rexecd.nasl

Version: 1.32

Type: remote

Published: 8/31/1999

Updated: 8/13/2018

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Vulnerability Publication Date: 6/7/1999

Reference Information

CVE: CVE-1999-0618