Vulnerabilities > CVE-1999-0651

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

nessus

metasploit

NVD

Published: 1999-01-01

Updated: 2022-08-17

Summary

The rsh/rlogin service is running.

description	This module will test an rexec service on a range of machines and report successful logins. NOTE: This module requires access to bind to privileged ports (below 1024).
id	MSF:AUXILIARY/SCANNER/RSERVICES/REXEC_LOGIN
last seen	2020-03-09
modified	2018-12-12
published	2010-11-23
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0651 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0502
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/rservices/rexec_login.rb
title	rexec Authentication Scanner

description	This module will test an rlogin service on a range of machines and report successful logins. NOTE: This module requires access to bind to privileged ports (below 1024).
id	MSF:AUXILIARY/SCANNER/RSERVICES/RLOGIN_LOGIN
last seen	2019-11-29
modified	2018-12-12
published	2010-11-23
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0651 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0502
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/rservices/rlogin_login.rb
title	rlogin Authentication Scanner

description	This module will test a shell (rsh) service on a range of machines and report successful logins. NOTE: This module requires access to bind to privileged ports (below 1024).
id	MSF:AUXILIARY/SCANNER/RSERVICES/RSH_LOGIN
last seen	2020-03-12
modified	2018-12-12
published	2010-11-23
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0651 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0502
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/rservices/rsh_login.rb
title	rsh Authentication Scanner

NASL family	Service detection
NASL id	RLOGIN.NASL
description	The rlogin service is running on the remote host. This service is vulnerable since data is passed between the rlogin client and server in cleartext. A man-in-the-middle attacker can exploit this to sniff logins and passwords. Also, it may allow poorly authenticated logins without passwords. If the host is vulnerable to TCP sequence number guessing (from any network) or IP spoofing (including ARP hijacking on a local network) then it may be possible to bypass authentication. Finally, rlogin is an easy way to turn file-write access into full logins through the .rhosts or rhosts.equiv files.
last seen	2020-06-01
modified	2020-06-02
plugin id	10205
published	1999-08-30
reporter	This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10205
title	rlogin Service Detection

NASL family	Service detection
NASL id	RSH.NASL
description	The rsh service is running on the remote host. This service is vulnerable since data is passed between the rsh client and server in cleartext. A man-in-the-middle attacker can exploit this to sniff logins and passwords. Also, it may allow poorly authenticated logins without passwords. If the host is vulnerable to TCP sequence number guessing (from any network) or IP spoofing (including ARP hijacking on a local network) then it may be possible to bypass authentication. Finally, rsh is an easy way to turn file-write access into full logins through the .rhosts or rhosts.equiv files.
last seen	2020-06-01
modified	2020-06-02
plugin id	10245
published	1999-08-22
reporter	This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10245
title	rsh Service Detection