RSH.Root.Access
Description
This indicates an remote command execution using rsh as root.
The Remote Shell (rsh) is an application that executes shell commands as another user on another computer. It is an insecure protocols which sends information in plaintext over the network. Moreover, there is a lack of authorization vulnerability exists in Cisco Prime LAN Management Solution. The LSM comes with root and casuser user accounts enabled, either of which can execute
commands on the LMS system with root privileges.
Affected Products
Cisco Systems Prime LAN Management Solution 4.2.2 for Linux
Cisco Systems Prime LAN Management Solution 4.2.1 for Linux
Cisco Systems Prime LAN Management Solution 4.2 for Linux
Cisco Systems Prime LAN Management Solution 4.1 for Linux
Impact
System Compromise: Remote Attackers can gain control of vulnerable systems.
Recommended Actions
Use SSH instead of RSH.
Apply patch if there is Cisco Prime LMS installed in your network.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |