ACC Tigris Access Terminal Configuration Disclosure

This script is Copyright (C) 2000-2011 Sebastian Andersson

Synopsis :

The remote router is affected by an information disclosure

Description :

The remote router is an ACC Tigris Terminal Server. Some software
versions on this router will allow an attacker to run the SHOW command
without first providing authentication. An attacker could exploit
this to read part of the router's configuration.

In addition there is a 'public' account with a default password of
'public' which would allow an attacker to execute non-privileged
commands on the host.

See also :

Solution :

Add access entries to the server to allow access only from authorized

Risk factor :

Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 6.1

Family: Misc.

Nessus Plugin ID: 10351 (acc.nasl)

Bugtraq ID: 183

CVE ID: CVE-1999-0383