rexec-brute.nse returns false positives

[zjtmcozs]

The rexec-brute.nse script reports username:password combinations as "valid credentials" even though the response from the server is "rexecd: Login incorrect".

After looking at the source of the script it looks like it reports every tried user:pass combination as valid as long as the server sends a response. (https://svn.nmap.org/nmap/scripts/rexec-brute.nse)

[E3V3A]

The local link to rexec-brute.nse.
Do you know how to fix it? Then submit a PR.

[egypt]

Ran into this today. Modified the script to print the response and it looks like the server is sending "Authentication failed for user GUEST." which obviously isn't a successful execution.