Arkeia Network Backup Client Default Password

2005-02-20T00:00:00
ID OSVDB:15130
Type osvdb
Reporter H D Moore(fdlist@digitaloffense.net)
Modified 2005-02-20T00:00:00

Description

Vulnerability Description

By default, Arkeia Network Backup Client installs with a default password. The root account has a password of 'root' which is publicly known and documented. This allows attackers to trivially access the program or system.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s):

Follow the instructions in Appendix B: System Security in the Arkeia User Manual.

Short Description

By default, Arkeia Network Backup Client installs with a default password. The root account has a password of 'root' which is publicly known and documented. This allows attackers to trivially access the program or system.

References:

Other Advisory URL: http://metasploit.com/research/arkeia_agent/ Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0433.html CVE-2005-0496