2025-08-22 11:09:39 +05:30
id : linux-rsh-service
info :
name : rsh Service Should Be Disabled
author : songyaeji
severity : high
description : |
Assessed the operational status of the rsh service on the system.Running rsh could have allowed unauthorized users to gain access or extract sensitive information, representing a significant security risk.
reference :
- https://isms.kisa.or.kr
2025-08-28 23:41:32 +05:30
tags : linux,local,audit,kisa,compliance
2025-08-22 11:09:39 +05:30
self-contained : true
code :
- engine :
- sh
- bash
source : |
if grep -i 'disable[[:space:]]*=[[:space:]]*no' /etc/xinetd.d/rsh 2>/dev/null; then
echo "[VULNERABLE] rsh service is enabled"
else
echo "[SAFE] rsh service is disabled"
fi
matchers :
- type : word
part : response
words :
2025-08-23 06:34:08 +00:00
- "[VULNERABLE]"
2025-08-29 10:06:03 +00:00
# digest: 490a00463044022033b38de938931e97c6dae4db07a43ccf5b914fdc77d09467f50ed7f9fe8e027e0220453f6d5a24c1e28bfaab7ac33a33aa2ab1de8c671b76ac3a76df3d8efe0e7ab7:922c64590222798bb761d5b6d8e72950
