CA BrightStor ARCserve/Enterprise Backup Persistent Default Administrator Account

critical Nessus Plugin ID 16390

Language:

Synopsis

Arbitrary code can be executed on the remote host.

Description

The remote host is running UniversalAgent, an agent used by BrightStor ARCserve to perform backups.

The remote version of this agent contains a default account with the username '\x02root\x03' and password '\x02<%j8U]`~+Ri\x03'.

An attacker may use this account to gain full access to the remote host.

Solution

Unknown at this time.

Plugin Details

Severity: Critical

ID: 16390

File Name: arcserve_default_password.nasl

Version: 1.15

Type: remote

Family: Gain a shell remotely

Published: 2/14/2005

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2/10/2005

Reference Information

CVE: CVE-2005-0349

BID: 12522

Detections

Analytics