AIX7-00-002058 - The AIX rexec daemon must not be running.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The exec service is used to execute a command sent from a remote server. The username and passwords are passed over the network in clear text and therefore insecurely. Unless required the rexecd daemon will be disabled. This function, if required, should be facilitated through SSH.

Solution

Disable the 'rexecd' entry in '/etc/inetd.conf' using command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'exec' -p 'tcp6'

Reload the inetd process:
# refresh -s inetd

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|I, CCI|CCI-000197, CSCv6|9.1, Rule-ID|SV-215257r508663_rule, STIG-ID|AIX7-00-002058, STIG-Legacy|SV-101401, STIG-Legacy|V-91303, Vuln-ID|V-215257

Plugin: Unix

Control ID: ecd9875da9c037d9436c017211b5f2c6fb74f842804340d1d9888042504d3e8a