Default Password (db2admin) for 'db2admin' Account on Windows

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

An account on the remote Windows host uses a default password.

Description :

The 'db2admin' account on the remote Windows host uses a known
password. This account may have been created during installation of
DB2, for use managing the application, and likely belongs to the Local
Administrators group.

Note that while the DB2 installation no longer uses a default password
for this account, the upgrade process does not force a password change
if the 'db2admin' account exists from a previous install.

See also :

http://archives.neohapsis.com/archives/bugtraq/2000-12/0063.html

Solution :

Assign a different password to this account as soon as possible.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)

Family: Databases

Nessus Plugin ID: 33852 ()

Bugtraq ID: 2068

CVE ID: CVE-2001-0051