Default Password (root) for 'root' Account

This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.


Synopsis :

An account on the remote host uses a known password.

Description :

The account 'root' on the remote host has the password 'root'. An
attacker may leverage this issue to gain total control of the affected
system.

Note that, while SKIDATA Freemotion.Gate controllers are known to use
these credentials, this plugin reports any time it finds a host using
these credentials, regardless of its type.

See also :

http://www.nessus.org/u?d2694944

Solution :

Change the password for this account or disable it.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 11255 (account_root_root.nasl)

Bugtraq ID:

CVE ID: CVE-1999-0502