Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2000 Stefaan Van DoorenOPENVAS:136141256231010500
HistoryNov 03, 2005 - 12:00 a.m.

Shiva Integrator Default Password (Telnet)

2005-11-0300:00:00
Copyright (C) 2000 Stefaan Van Dooren
plugins.openvas.org
28

AI Score

9.5

Confidence

High

EPSS

0.015

Percentile

87.0%

JSON

The remote Shiva router uses the default password.
This means that anyone who has (downloaded) a user manual can
telnet to it and reconfigure it to lock you out of it, and to
prevent you to use your internet connection.

# SPDX-FileCopyrightText: 2000 Stefaan Van Dooren
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.10500");
  script_version("2023-08-01T13:29:10+0000");
  script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_cve_id("CVE-1999-0507", "CVE-1999-0508");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_name("Shiva Integrator Default Password (Telnet)");
  script_category(ACT_ATTACK);
  script_copyright("Copyright (C) 2000 Stefaan Van Dooren");
  script_family("Default Accounts");
  script_dependencies("telnetserver_detect_type_nd_version.nasl", "gb_default_credentials_options.nasl");
  script_require_ports("Services/telnet", 23);
  script_mandatory_keys("telnet/banner/available");
  script_exclude_keys("default_credentials/disable_default_account_checks");

  script_tag(name:"solution", value:"Telnet to this router and set a different password immediately.");

  script_tag(name:"summary", value:"The remote Shiva router uses the default password.
  This means that anyone who has (downloaded) a user manual can
  telnet to it and reconfigure it to lock you out of it, and to
  prevent you to use your internet connection.");

  script_tag(name:"solution_type", value:"Mitigation");
  script_tag(name:"qod_type", value:"remote_vul");

  exit(0);
}

if(get_kb_item("default_credentials/disable_default_account_checks"))
  exit(0);

include("telnet_func.inc");
include("misc_func.inc");
include("port_service_func.inc");

port = telnet_get_port( default:23 );

soc = open_sock_tcp( port );
if( ! soc )
  exit( 0 );

data = string( "hello\n\r" );
send( data:data, socket:soc );
buf = recv( socket:soc, length:4096 );

close( soc );

if( "ntering privileged mode" >< buf ) {
  security_message( port:port );
  exit( 0 );
}

exit( 99 );

Related

openvas 35
nessus 25
cvelist 2
cve 2
packetstorm 1
metasploit 2
openvas
openvas
Cisco Device Default Password (SSH)
2007-11-04 00:00:00
Bay Networks Accelar 1200 Switch Default Credentials (Telnet)
2005-11-03 00:00:00
AirConnect Default Password (HTTP)
2005-11-03 00:00:00
nessus
nessus
Shiva LanRover Blank Password
2002-06-05 00:00:00
3Com Superstack 3 Switch Multiple Default Accounts
2001-08-29 00:00:00
Bay Networks Accelar 1200 Switch Default Password (password) for 'usrname' Account
2005-06-03 00:00:00
cvelist
cvelist
CVE-1999-0508
2000-02-04 05:00:00
CVE-1999-0507
2000-02-04 05:00:00
cve
cve
CVE-1999-0508
2000-02-04 05:00:00
CVE-1999-0507
2000-02-04 05:00:00
packetstorm
packetstorm
SNMP Community Login Scanner
2024-08-31 00:00:00
metasploit
metasploit
SNMP Enumeration Module
2010-12-25 06:31:38
SNMP Community Login Scanner
2012-03-18 05:07:27

AI Score

9.5

Confidence

High

EPSS

0.015

Percentile

87.0%

JSON
Related for OPENVAS:136141256231010500
openvas35nessus25cvelist2cve2packetstorm1metasploit2