ID OPENVAS:1361412562310103696 Type openvas Reporter This script is Copyright (C) 2013 Greenbone Networks GmbH Modified 2019-09-06T00:00:00
Description
The remote BusyBox Telnet Console is not protected by a password.
###############################################################################
# OpenVAS Vulnerability Test
#
# Unprotected BusyBox Telnet Console
#
# Authors:
# Michael Meyer <michael.meyer@greenbone.net>
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.103696");
script_version("2019-09-06T14:17:49+0000");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Unprotected BusyBox Telnet Console");
script_tag(name:"last_modification", value:"2019-09-06 14:17:49 +0000 (Fri, 06 Sep 2019)");
script_tag(name:"creation_date", value:"2013-04-11 12:36:40 +0100 (Thu, 11 Apr 2013)");
script_category(ACT_ATTACK);
script_family("Default Accounts");
script_copyright("This script is Copyright (C) 2013 Greenbone Networks GmbH");
script_dependencies("telnetserver_detect_type_nd_version.nasl", "gb_default_credentials_options.nasl");
script_require_ports("Services/telnet", 23);
script_mandatory_keys("telnet/busybox/console/detected");
script_exclude_keys("default_credentials/disable_default_account_checks");
script_tag(name:"solution", value:"Set a password.");
script_tag(name:"summary", value:"The remote BusyBox Telnet Console is not protected by a password.");
script_tag(name:"solution_type", value:"Mitigation");
script_tag(name:"qod_type", value:"remote_vul");
exit(0);
}
if(get_kb_item("default_credentials/disable_default_account_checks"))
exit(0);
include("telnet_func.inc");
include("misc_func.inc");
include("dump.inc");
port = telnet_get_port( default:23 );
banner = telnet_get_banner( port:port );
if( ! banner || ( "BusyBox" >!< banner && "list of built-in commands" >!< banner ) )
exit( 0 );
soc = open_sock_tcp( port );
if( ! soc )
exit( 0 );
buf = telnet_negotiate( socket:soc );
if( "BusyBox" >!< buf && "list of built-in commands" >!< buf )
exit( 0 );
send( socket:soc, data:'id\n' );
recv = recv( socket:soc, length:512 );
send( socket:soc, data:'exit\n' );
close( soc );
if( recv =~ "uid=[0-9]+.*gid=[0-9]+.*" ) {
security_message( port:port );
exit( 0 );
}
exit( 99 );
{"id": "OPENVAS:1361412562310103696", "type": "openvas", "bulletinFamily": "scanner", "title": "Unprotected BusyBox Telnet Console", "description": "The remote BusyBox Telnet Console is not protected by a password.", "published": "2013-04-11T00:00:00", "modified": "2019-09-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103696", "reporter": "This script is Copyright (C) 2013 Greenbone Networks GmbH", "references": [], "cvelist": [], "lastseen": "2019-09-09T15:27:06", "viewCount": 23, "enchantments": {"dependencies": {"references": [], "modified": "2019-09-09T15:27:06", "rev": 2}, "score": {"value": 0.3, "vector": "NONE", "modified": "2019-09-09T15:27:06", "rev": 2}, "vulnersScore": 0.3}, "pluginID": "1361412562310103696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Unprotected BusyBox Telnet Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103696\");\n script_version(\"2019-09-06T14:17:49+0000\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Unprotected BusyBox Telnet Console\");\n script_tag(name:\"last_modification\", value:\"2019-09-06 14:17:49 +0000 (Fri, 06 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-04-11 12:36:40 +0100 (Thu, 11 Apr 2013)\");\n script_category(ACT_ATTACK);\n script_family(\"Default Accounts\");\n script_copyright(\"This script is Copyright (C) 2013 Greenbone Networks GmbH\");\n script_dependencies(\"telnetserver_detect_type_nd_version.nasl\", \"gb_default_credentials_options.nasl\");\n script_require_ports(\"Services/telnet\", 23);\n script_mandatory_keys(\"telnet/busybox/console/detected\");\n script_exclude_keys(\"default_credentials/disable_default_account_checks\");\n\n script_tag(name:\"solution\", value:\"Set a password.\");\n\n script_tag(name:\"summary\", value:\"The remote BusyBox Telnet Console is not protected by a password.\");\n\n script_tag(name:\"solution_type\", value:\"Mitigation\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\nif(get_kb_item(\"default_credentials/disable_default_account_checks\"))\n exit(0);\n\ninclude(\"telnet_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"dump.inc\");\n\nport = telnet_get_port( default:23 );\nbanner = telnet_get_banner( port:port );\nif( ! banner || ( \"BusyBox\" >!< banner && \"list of built-in commands\" >!< banner ) )\n exit( 0 );\n\nsoc = open_sock_tcp( port );\nif( ! soc )\n exit( 0 );\n\nbuf = telnet_negotiate( socket:soc );\n\nif( \"BusyBox\" >!< buf && \"list of built-in commands\" >!< buf )\n exit( 0 );\n\nsend( socket:soc, data:'id\\n' );\nrecv = recv( socket:soc, length:512 );\n\nsend( socket:soc, data:'exit\\n' );\nclose( soc );\n\nif( recv =~ \"uid=[0-9]+.*gid=[0-9]+.*\" ) {\n security_message( port:port );\n exit( 0 );\n}\n\nexit( 99 );\n", "naslFamily": "Default Accounts"}