Lucene search
Copyright (C) 2005 Michel ArboiOPENVAS:136141256231017293HistoryNov 03, 2005 - 12:00 a.m.
Default password 'debug' for account 'user' (SSH/Telnet)
2005-11-0300:00:00
Copyright (C) 2005 Michel Arboi
plugins.openvas.org
14
9.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%
The account
# SPDX-FileCopyrightText: 2005 Michel Arboi
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.17293");
script_version("2024-04-24T05:05:32+0000");
script_tag(name:"last_modification", value:"2024-04-24 05:05:32 +0000 (Wed, 24 Apr 2024)");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-1999-0501", "CVE-1999-0502", "CVE-1999-1420", "CVE-1999-1421");
script_name("Default password 'debug' for account 'user' (SSH/Telnet)");
script_category(ACT_ATTACK);
script_family("Default Accounts");
script_copyright("Copyright (C) 2005 Michel Arboi");
script_dependencies("find_service.nasl", "telnet.nasl", "ssh_detect.nasl", "gb_default_credentials_options.nasl");
script_require_ports("Services/telnet", 23, "Services/ssh", 22);
script_exclude_keys("default_credentials/disable_default_account_checks");
script_xref(name:"URL", value:"https://web.archive.org/web/20210129180815/http://www.securityfocus.com/bid/212/");
script_tag(name:"summary", value:"The account 'user' has the password 'debug'.");
script_tag(name:"vuldetect", value:"Tries to login via SSH or Telnet with known default
credentials.");
script_tag(name:"impact", value:"An attacker may use it to gain further privileges on this
system.");
script_tag(name:"solution", value:"Set a strong password for this account or disable it.");
script_tag(name:"solution_type", value:"Mitigation");
script_tag(name:"qod_type", value:"remote_vul");
exit(0);
}
if( get_kb_item( "default_credentials/disable_default_account_checks" ) )
exit( 0 );
include("ssh_func.inc");
include("telnet_func.inc");
include("default_account.inc");
include("misc_func.inc");
include("port_service_func.inc");
account = "user";
password = "debug";
port = check_account( login:account, password:password );
if( port ) {
security_message( port:port );
exit( 0 );
}
exit( 99 );
Related
openvas
openvas
Default password 'debug' for account 'super' (SSH/Telnet)
2005-11-03 00:00:00
Default password 'forgot' for account 'user' (SSH/Telnet)
2005-11-03 00:00:00
Default password 'forgot' for account 'super' (SSH/Telnet)
2005-11-03 00:00:00
nessus
nessus
Default Password (debug) for 'super' Account
2005-03-08 00:00:00
Default Password (forgot) for 'super' Account
2005-03-08 00:00:00
Default Password (guest) for 'guest' Account
2003-02-20 00:00:00
cve
cve
packetstorm
packetstorm
SSH User Code Execution
2013-05-15 00:00:00
Varnish Cache CLI Interface Remote Code Execution
2014-12-20 00:00:00
zdt
zdt
SSH - User Code Execution Exploit
2017-03-23 00:00:00
SSH User Code Execution Vulnerability
2013-05-16 00:00:00
Varnish Cache CLI Interface Remote Code Execution Exploit
2014-12-21 00:00:00
saint
saint
SSH password weakness
2011-01-05 00:00:00
SSH password weakness
2011-01-05 00:00:00
SSH password weakness
2011-01-05 00:00:00
rapid7community
rapid7community
Metasploit Wrapup
2017-08-07 13:34:12
threatpost
threatpost
New Mirai Variant Roars into Action With 54 Hour DDoS Attacks
2017-03-30 14:50:51
9.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%
Related for OPENVAS:136141256231017293