Default Password (m) for 'root' Account

This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.


Synopsis :

The remote system can be accessed with a default account.

Description :

The account 'root' on the remote host has the password 'm'.

An attacker may leverage this issue to gain access to the affected
system.

Note that some Camtron IP cameras are reported to use these
credentials by default.

See also :

https://www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt
http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0128.html

Solution :

Either set a strong password for this account, disable it, or use
ACLs to restrict access to the host.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 50601 ()

Bugtraq ID: 44841

CVE ID: CVE-2010-4233