Vulnerability Note VU#13217

Problem with HP r-cmnds

Original Release date: 14 Dec 2001 | Last revised: 14 Dec 2001


A problem existed with HP versions of the r-commands (remshd, rexecd, rlogin, rlogind, remsh, rcp, rexec, rdist) in use circa December, 1998.


See HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #00090, (registration required) 07 December 1998 for a description of the problem. No other information is available. Quoting from that bulletin:

Various HP-UX remote network commands (r-cmnds) in the fileset InternetSrvcs.INETSVCS-RUN have been enhanced.  These include remshd(1M), rexecd(1M), rlogind(1M), rlogin(1), remsh(1), rcp(1), rexec(1), and rdist(1). All of these commands have been bundled into one convenient patch to address various operational and security defects noted the recent past.


The complete impact of this vulnerability is unknown.


Install a patch as described in the bulletin, or upgrade to a later version.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Hewlett PackardAffected-14 Dec 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This document was written by Shawn V Hernan.

Other Information

  • CVE IDs: Unknown
  • Date Public: 07 Dec 99
  • Date First Published: 14 Dec 2001
  • Date Last Updated: 14 Dec 2001
  • Severity Metric: 0.42
  • Document Revision: 6


If you have feedback, comments, or additional information about this vulnerability, please send us email.