NETGEAR DG834G Zebra Service Default Account

2004-08-12T07:29:52
ID OSVDB:9074
Type osvdb
Reporter thanasonic(thanasonic@hack.gr)
Modified 2004-08-12T07:29:52

Description

Vulnerability Description

By default, Netgear DG834G Routers install with a default password. The "zebra" service on TCP port 2602 has a password of "zebra" which is publicly known and documented. This allows attackers to trivially access the program or system.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

By default, Netgear DG834G Routers install with a default password. The "zebra" service on TCP port 2602 has a password of "zebra" which is publicly known and documented. This allows attackers to trivially access the program or system.

References:

Vendor URL: http://www.netgear.com/ Related OSVDB ID: 9073 Packet Storm: http://packetstormsecurity.org/filedesc/netgearDG834G.txt.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0197.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0201.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0181.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0194.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0198.html ISS X-Force ID: 16981 Bugtraq ID: 10935