Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cheops NG clear text authentication

🗓️ 26 Mar 2006 00:00:00Reported by This script is Copyright (C) 2005 Michel ArboiType 
openvas
 openvas🔗 plugins.openvas.org👁 17 Views

Cheops NG clear text authentication

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Code
# OpenVAS Vulnerability Test
# $Id: cheopsNG_clear_text_password.nasl 6056 2017-05-02 09:02:50Z teissa $
# Description: Cheops NG clear text authentication
#
# Authors:
# Michel Arboi <[email protected]>
#
# Copyright:
# Copyright (C) 2005 Michel Arboi
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

tag_summary = "A Cheops NG agent is running on the remote host.

Description :

Cheops NG is running on this port.
Users with a valid account on this machine can connect 
to this service and use it to map your network, port scan 
machines and identify running services.

Passwords are transmitted in clear text and could be sniffed.
More, using this Cheops agent, it is possible to brute force
login/passwords on this system.";

tag_solution = "Configure Cheops to run on top of SSL or block this port 
from outside communication if you want to further restrict 
the use of Cheops.";

if(description)
{
 script_id(20162);
 script_version("$Revision: 6056 $");
 script_tag(name:"last_modification", value:"$Date: 2017-05-02 11:02:50 +0200 (Tue, 02 May 2017) $");
 script_tag(name:"creation_date", value:"2006-03-26 17:55:15 +0200 (Sun, 26 Mar 2006)");
 script_tag(name:"cvss_base", value:"4.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:P/A:N");
 script_name( "Cheops NG clear text authentication");
 
 script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"remote_banner");
 script_copyright("This script is Copyright (C) 2005 Michel Arboi");
 script_family( "Service detection");
 script_dependencies("cheopsNG_detect.nasl");
 script_require_keys("cheopsNG/password");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 exit(0);
}

port = get_kb_item("cheopsNG/password");
if (port && get_port_transport(port) == ENCAPS_IP ) security_message(port);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 Mar 2006 00:00Current
7.3High risk
Vulners AI Score7.3
cheops ngclear text authenticationsslnetwork mappingport scanningservice identificationbrute force login
17
.json
Report