in.rshd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to a flaw in the rusersok function call. A remote attacker can potentially login to the system with a NULL username, resulting in a loss of integrity.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Disable the RSH service by commenting it out of the inetd.conf file and restarting the inetd process.