Sun JavaServer Default Password

2002-09-12T00:00:00
ID OSVDB:817
Type osvdb
Reporter OSVDB
Modified 2002-09-12T00:00:00

Description

Vulnerability Description

By default, Sun JavaServer installs with a default password. The admin account has a password of admin which is publicly known and documented. This allows attackers to trivially access the program or system.

Technical Description

The service runs on port 9090

Solution Description

Immediately after installation, change all default install passwords to a unique and secure password. When possible, change default accounts to custom names as well.

Short Description

By default, Sun JavaServer installs with a default password. The admin account has a password of admin which is publicly known and documented. This allows attackers to trivially access the program or system.

References:

Snort Signature ID: 1859 Nessus Plugin ID:10995 CVE-1999-0508