Rusersd Vulnerability


Summary

The rusersd process provides a list of users logged on to the computer in a format similar to the local "w" command. This information may be valuable to the hacker since it gives hime positive evidence of user activity. Normally, the hacker would wait until everyone is looged off before we "goes to work".

Impact

The rusersd program can be a valuable tool since it informs him when "nobody is around".

The Problem

The rusersd program provides useful information to the hacker in the form of

Resolution

This vulnerability can be eliminated by:

CVE Reference(s):