Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2000-2018 Tenable Network Security, Inc.PASSWORDLESS_CAYMAN_ROUTER.NASL
HistoryMar 12, 2000 - 12:00 a.m.

Cayman DSL Router Unauthenticated Access

2000-03-1200:00:00
This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
www.tenable.com
51
JSON

The remote router has no password. An intruder may connect to it and disable it easily.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if(description)
{
 script_id(10345);
 script_version ("1.16");

 script_cve_id("CVE-1999-0508");

 script_name(english:"Cayman DSL Router Unauthenticated Access");
 
 script_set_attribute(attribute:"synopsis", value:
"It is possible to log in to the remote router without any
password." );
 script_set_attribute(attribute:"description", value:
"The remote router has no password. An intruder
may connect to it and disable it easily." );
 script_set_attribute(attribute:"solution", value:
"Set a strong password." );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'SNMP Community Scanner');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "2000/03/12");
 script_cvs_date("Date: 2018/08/13 14:32:36");
 script_set_attribute(attribute:"vuln_publication_date", value: "1999/01/01");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_summary(english:"Notifies that the remote cayman router has no password");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.");
 script_family(english:"Misc.");
 script_dependencie("find_service1.nasl");
 script_require_ports("Services/telnet", 23);
 exit(0);
}

#
# The script code starts here
#
include('telnet_func.inc');
port = get_kb_item("Services/telnet");
if(!port) port = 23;

if(get_port_state(port))
{
 buf = get_telnet_banner(port:port);
 if ( ! buf || "Terminal shell" >!< buf ) exit(0);
 soc = open_sock_tcp(port);
 if(soc)
 {
  buf = telnet_negotiate(socket:soc);
  if("Terminal shell" >< buf)
  	{
	 r = recv(socket:soc, length:2048);
	 b = buf + r;
	 if("completed login" >< b)security_hole(port);
	}
  close(soc);
 }
}

Related

nessus 24
openvas 36
cve 1
nessus
nessus
Shiva LanRover Blank Password
2002-06-05 00:00:00
Bay Networks Accelar 1200 Switch Default Password (password) for 'usrname' Account
2005-06-03 00:00:00
3Com Superstack 3 Switch Multiple Default Accounts
2001-08-29 00:00:00
openvas
openvas
Enhydra Multiserver Default Password
2005-11-03 00:00:00
WhatsUp Gold Default Admin Account
2005-11-03 00:00:00
Shiva LanRover Blank Password
2005-11-03 00:00:00
cve
cve
CVE-1999-0508
1998-06-01 04:00:00
JSON
Related for PASSWORDLESS_CAYMAN_ROUTER.NASL
nessus24openvas36cve1