Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.SMB_BLANK_ADMIN_PASSWORD.NASL
HistoryOct 04, 2007 - 12:00 a.m.

Microsoft Windows SMB Blank Administrator Password

2007-10-0400:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
284
JSON

The remote host is running one of the Microsoft Windows operating systems. It was possible to log into it using the administrator account with a blank password.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(26918);
 script_version("1.20");
 script_cvs_date("Date: 2018/07/27 18:38:15");
 script_bugtraq_id(990, 11199);
 script_cve_id("CVE-1999-0504", "CVE-1999-0505", "CVE-1999-0506", "CVE-2000-0222","CVE-2005-3595");

 script_name(english:"Microsoft Windows SMB Blank Administrator Password");
 script_summary(english:"Attempts to log into the remote host");

 script_set_attribute(attribute:"synopsis", value:"It is possible to log into the remote host.");
 script_set_attribute(attribute:"description", value:
"The remote host is running one of the Microsoft Windows operating
systems. It was possible to log into it using the administrator
account with a blank password.");
  script_set_attribute(attribute:"solution", value:"Set a password to the administrator account");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"metasploit_name", value:'Microsoft Windows Authenticated Powershell Command Execution');
 script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"2000/02/15");
 script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/04");

 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_set_attribute(attribute:"default_account", value:"true");
  script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("smb_login.nasl");
 script_require_keys("SMB/blank_admin_password");
 script_require_ports(139, 445);
 exit(0);
}

#

include("smb_func.inc");

val = get_kb_item("SMB/blank_admin_password");

if (val)
  security_hole(kb_smb_transport());

Related

openvas 1
nessus 2
packetstorm 4
cve 5
zdt 2
securityvulns 2
openvas
openvas
SMB Brute Force Logins With Default Credentials
2014-07-04 00:00:00
nessus
nessus
Microsoft Windows SMB Guessable User Credentials
2000-05-10 00:00:00
Microsoft Windows SMB Guest Account Local User Access
2007-10-04 00:00:00
packetstorm
packetstorm
Powershell Remoting Remote Command Execution
2015-03-24 00:00:00
Windows Management Instrumentation (WMI) Remote Command Execution
2013-10-23 00:00:00
Microsoft Windows Authenticated Powershell Command Execution
2013-07-13 00:00:00
cve
cve
CVE-1999-0506
1998-10-01 04:00:00
CVE-2000-0222
2000-02-15 05:00:00
CVE-1999-0504
1997-01-01 05:00:00
zdt
zdt
Microsoft Windows Authenticated Powershell Command Execution
2013-07-13 00:00:00
Windows Management Instrumentation (WMI) Remote Command Execution
2013-10-23 00:00:00
securityvulns
securityvulns
[VulnWatch] Blank Administrator password in DELL XP Professional install
2005-06-28 00:00:00
Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access
2004-09-16 00:00:00
JSON
Related for SMB_BLANK_ADMIN_PASSWORD.NASL
openvas1nessus2packetstorm4cve5zdt2securityvulns2