漏洞描述
Assessed the operational status of the rlogin service on the system.Running rlogin could have allowed unauthorized users to gain access or extract sensitive information, representing a significant security risk.
linux-rlogin-service: rlogin Service Should Be Disabled
PoC代码[已公开]
id: linux-rlogin-service
info:
name: rlogin Service Should Be Disabled
author: songyaeji
severity: high
description: |
Assessed the operational status of the rlogin service on the system.Running rlogin could have allowed unauthorized users to gain access or extract sensitive information, representing a significant security risk.
reference:
- https://isms.kisa.or.kr
tags: linux,local,audit,kisa,compliance
self-contained: true
code:
- engine:
- sh
- bash
source: |
if grep -i 'disable[[:space:]]*=[[:space:]]*no' /etc/xinetd.d/rlogin 2>/dev/null; then
echo "[VULNERABLE] rlogin service is enabled"
else
echo "[SAFE] rlogin service is disabled"
fi
matchers:
- type: word
part: response
words:
- "[VULNERABLE]"
# digest: 4b0a00483046022100c6f1c8b6c83616490a00bc065ea6a8c8894a3a5c6163a952ac9f582026bfc9a5022100a9495cbde17bb7a534ecad34c9b2dc13f2adac753067701c127423b9a5c55451:922c64590222798bb761d5b6d8e72950