2025-08-22 11:09:39 +05:30
id : linux-rexec-service
info :
name : rexec Service Should Be Disabled
author : songyaeji
severity : high
description : |
Assessed the operational status of the rexec service on the system.Running rexec could have allowed unauthorized users to gain access or extract sensitive information, representing a significant security risk.
reference :
- https://isms.kisa.or.kr
2025-08-28 23:41:32 +05:30
tags : linux,local,audit,kisa,compliance
2025-08-22 11:09:39 +05:30
self-contained : true
code :
- engine :
- sh
- bash
source : |
if grep -i 'disable[[:space:]]*=[[:space:]]*no' /etc/xinetd.d/rexec 2>/dev/null; then
echo "[VULNERABLE] rexec service is enabled"
else
echo "[SAFE] rexec service is disabled"
fi
matchers :
- type : word
part : response
words :
2025-08-23 06:34:08 +00:00
- "[VULNERABLE]"
2025-08-29 10:06:03 +00:00
# digest: 490a00463044022003bbbed1e0bd7a6f80f662b6ecc935324f16f9097cf8c7fddaebca4e567fc26f02204a000af2bb0c14fb63940f14fd5e04647a2e49f2d56fecb1555ec9573f42c439:922c64590222798bb761d5b6d8e72950
