Default Password (openvpnas) for 'root' Account

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote system can be accessed with a default account.

Description :

The account 'root' on the remote host has the password 'openvpnas'.

An attacker may leverage this issue to gain administrative access to
the affected system.

Note that OpenVPN Access Server virtual appliances are known to use
these credentials to provide complete, administrative access to the
appliance.

Solution :

Set a strong password for this account or use ACLs to restrict access
to the host.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 66693 ()

Bugtraq ID:

CVE ID: CVE-1999-0502