Default Password (alpine) for 'root' Account

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.


Synopsis :

An administrative account on the remote host uses a weak password.

Description :

The account 'root' on the remote host has the password 'alpine'.

An attacker may leverage this issue to gain full access to the
affected system.

Note that iPhones are known to use these credentials by default and
allow access via SSH when jailbroken.

See also :

http://www.nessus.org/u?5689603a

Solution :

Set a strong password for this account or disable it.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 42367 (account_root_alpine.nasl)

Bugtraq ID:

CVE ID: CVE-1999-0502

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial