Detections
Analytics

Random password for 'root' account

critical Nessus Plugin ID 40987

Language:

Synopsis

The remote system has an authentication bypass vulnerability.

Description

Nessus was able to login to the remote host as 'root' via SSH with a random password.

A remote attacker can exploit this to gain access to the affected host, possibly at an administrative level.

This may be due to a known issue with some versions of Ubuntu's libpam-runtime package when used in a non-default manner, although Nessus has not tried to verify the underlying cause.

Solution

If the remote host is running Ubuntu, upgrade to libpam-runtime 1.0.1-4ubuntu5.6 / 1.0.1-9ubuntu1.1 or later.

Otherwise, make sure the root account is secured with a strong password, and SSH is configured to require authentication.

See Also

https://bugs.launchpad.net/ubuntu/+source/pam/+bug/410171

https://usn.ubuntu.com/828-1/

Plugin Details

Severity: Critical

ID: 40987

File Name: account_root_randpw.nasl

Version: 1.17

Type: remote

Published: 9/15/2009

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/7/2009

Reference Information

CVE: CVE-2009-3232

BID: 36306

CWE: 287

Secunia: 36620