Red Hat Piranha Default Password

2002-09-12T00:00:00
ID OSVDB:289
Type osvdb
Reporter OSVDB
Modified 2002-09-12T00:00:00

Description

Vulnerability Description

By default, Piranha installs with a default password. The piranha account has a password of either piranha or q which is publicly known and documented. This allows attackers to trivially access the program or system.

Solution Description

Immediately after installation, change all default install passwords to a unique and secure password. When possible, change default accounts to custom names as well.

Short Description

By default, Piranha installs with a default password. The piranha account has a password of either piranha or q which is publicly known and documented. This allows attackers to trivially access the program or system.

References:

Vendor Specific Advisory URL Nessus Plugin ID:10381 ISS X-Force ID: 4299 Generic Informational URL: http://www.cirt.net/cgi-bin/passwd.pl?method=showven&ven=RedHat CVE-2000-0248 Bugtraq ID: 1148