Sambar Server Default Accounts

This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.


Synopsis :

Default accounts are active on the remote web server.

Description :

The Sambar web server comes with some default accounts. It is possible
to log in as some of them without password. An attacker may use this
flaw to alter the content of this server.

See also :

http://archives.neohapsis.com/archives/bugtraq/1998_2/0502.html

Solution :

Set a password for every account or disable it.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)

Family: Web Servers

Nessus Plugin ID: 11493 ()

Bugtraq ID: 2255

CVE ID: