Hiroyuki Yamamori discovered that rsh incorrectly handled certain
filenames. If a user or automated system were tricked into connecting to a
malicious rsh server, a remote attacker could possibly use this issue to
modify directory permissions.

Read More