FTP Server root Directory .rhosts File Present

medium Nessus Plugin ID 11566

Language:

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The remote anonymous FTP server has a .rhosts file set in its home directory. An attacker may use it to determine the trust relationships between this server and other hosts on the network.

Solution

Remove the .rhosts file from ~/ftp on this host.

Plugin Details

Severity: Medium

ID: 11566

File Name: ftp_rhosts.nasl

Version: Revision: 1.15

Type: remote

Family: FTP

Published: 5/4/2003

Updated: 12/23/2014

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Detections

Analytics