Default Password (alien) for 'root' Account

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote system can be accessed with a default administrator
account.

Description :

The account 'root' on the remote host has the password 'alien'.
An attacker may leverage this issue to gain access, likely as an
administrator, to the affected system.

Note that DD-WRT, an open source Linux-based firmware popular on
small routers and embedded systems, is known to use these
credentials by default.

Solution :

Change the password for this account or disable it.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 46240 (account_root_alien.nasl)

Bugtraq ID: 39942

CVE ID: CVE-1999-0502