Vulnerability Name:

CCN-13704

Published:2003-11-12
Updated:2003-11-12
Summary:The remote shell (rsh) service allows a user to initiate a shell session on a remoter system, often without having to provide either a user ID or a password. Because of the lack of explicit authentication and because authentication details are passed in the clear, use of this service poses a high risk to a system. Access should be denied to remote systems that do not require access (ideally ‘ALL’).
CVSS v3 Severity:
CVSS v2 Severity:
Vulnerability Consequences:Informational
References:Source: CCN
Type: SANS/FBI Top 20 List
The Twenty Most Critical Internet Security Vulnerabilities

Source: XF
Type: UNKNOWN
rservice-shell-wrapper-deny(13704)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:2.6::sparc:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0::sparc:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hp hp-ux 10.20
    sun solaris 2.6
    ibm aix 4.3
    sun solaris 8
    hp hp-ux 11
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3
    sun solaris 9
    sun solaris 7.0