Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ACCOUNT_ROOT_RAIN.NASL
HistoryApr 07, 2014 - 12:00 a.m.

Default Password (rain) for 'root' Account

2014-04-0700:00:00
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
385
JSON

The account ‘root’ on the remote host has the password ‘rain’. An attacker may leverage this to gain access, likely as an administrator, to the affected system.

Note that EMC Cloud Tiering Appliance is known to use these credentials by default.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

account = "root";
password = "rain";

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(73371);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id("CVE-1999-0502");

  script_name(english:"Default Password (rain) for 'root' Account");

  script_set_attribute(attribute:"synopsis", value:
"The remote system can be accessed with a default administrator
account.");
  script_set_attribute(attribute:"description", value:
"The account 'root' on the remote host has the password 'rain'. An
attacker may leverage this to gain access, likely as an administrator,
to the affected system.

Note that EMC Cloud Tiering Appliance is known to use these
credentials by default.");
  script_set_attribute(attribute:"solution", value:
"Change the password for this account or disable it.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:ND/RC:ND");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:X/RC:X");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-1999-0502");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'SSH User Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:emc:cloud_tiering_appliance");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:emc:cloud_tiering_appliance_virtual_edition");
  script_set_attribute(attribute:"default_account", value:"true");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Default Unix Accounts");

  script_copyright(english:"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("find_service1.nasl", "ssh_detect.nasl", "account_check.nasl");
  script_exclude_keys("global_settings/supplied_logins_only");
  script_require_ports("Services/telnet", 23, "Services/ssh", 22);

  exit(0);
}
include("audit.inc");
include("default_account.inc");
include("global_settings.inc");

if (supplied_logins_only) audit(AUDIT_SUPPLIED_LOGINS_ONLY);

if (! thorough_tests && ! get_kb_item("Settings/test_all_accounts"))
 exit(0, "Neither thorough_tests nor 'Settings/test_all_accounts' is set.");

affected = FALSE;
ssh_ports = get_service_port_list(svc: "ssh", default:22);
foreach port (ssh_ports)
{
  port = check_account(login:account, password:password, port:port, svc:"ssh");
  if (port)
  {
    affected = TRUE;
    security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report());
  }
}
if(affected) exit(0);

telnet_ports = get_service_port_list(svc: "telnet", default:23);
foreach port (telnet_ports)
{
  port = check_account(login:account, password:password, port:port, svc:"telnet");
  if (port)
  {
    affected = TRUE;
    security_report_v4(port:port, severity:SECURITY_HOLE, extra:default_account_report());
  }
}
if(!affected) audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
emccloud_tiering_appliancecpe:/h:emc:cloud_tiering_appliance
emccloud_tiering_appliance_virtual_editioncpe:/a:emc:cloud_tiering_appliance_virtual_edition

Related

nessus 161
openvas 24
saint 4
cve 1
packetstorm 2
zdt 3
rapid7community 1
threatpost 1
nessus
nessus
Unpassworded 'toor' Account
2003-02-20 00:00:00
Unpassworded 'EZsetup' Account
2003-02-20 00:00:00
Default Password (changeme) for 'splunkadmin' Account
2015-02-04 00:00:00
openvas
openvas
MPEi/X Default Accounts
2005-11-03 00:00:00
Unpassworded 'bash' account
2005-11-03 00:00:00
Unpassworded 'help' account (SSH/Telnet)
2005-11-03 00:00:00
saint
saint
SSH password weakness
2011-01-05 00:00:00
SSH password weakness
2011-01-05 00:00:00
SSH password weakness
2011-01-05 00:00:00
cve
cve
CVE-1999-0502
1998-03-01 05:00:00
packetstorm
packetstorm
SSH User Code Execution
2013-05-15 00:00:00
Varnish Cache CLI Interface Remote Code Execution
2014-12-20 00:00:00
zdt
zdt
SSH - User Code Execution Exploit
2017-03-23 00:00:00
SSH User Code Execution Vulnerability
2013-05-16 00:00:00
Varnish Cache CLI Interface Remote Code Execution Exploit
2014-12-21 00:00:00
rapid7community
rapid7community
Metasploit Wrapup
2017-08-07 13:34:12
threatpost
threatpost
New Mirai Variant Roars into Action With 54 Hour DDoS Attacks
2017-03-30 14:50:51
JSON
Related for ACCOUNT_ROOT_RAIN.NASL
nessus161openvas24saint4cve1packetstorm2zdt3rapid7community1threatpost1