DBMan Multiple Default Account

2006-01-31T23:46:19
ID OSVDB:23036
Type osvdb
Reporter OSVDB
Modified 2006-01-31T23:46:19

Description

Vulnerability Description

By default, DBMan installs with several default passwords. The following account/password combinations are publicly known and documented: admin/admin, author/author, guest/guest. This allows attackers to trivially access the program or system via the db.cgi program.

Short Description

By default, DBMan installs with several default passwords. The following account/password combinations are publicly known and documented: admin/admin, author/author, guest/guest. This allows attackers to trivially access the program or system via the db.cgi program.

References:

Vendor URL: http://www.gossamer-threads.com Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0001.html