Default FTP Credentials (ntpupdate / ntpupdate)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FTP server can be accessed with default credentials.

Description :

It is possible to log into the remote FTP server by providing default
credentials. A remote attacker could exploit this to gain access of
the remote server.

These credentials are known to apply to Schneider Electric Modicon
M340 for Ethernet devices
however, they may apply to other FTP
services as well.

See also :

http://www.nessus.org/u?d597c448

Solution :

Change the default password or block access to the port.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)

Family: FTP

Nessus Plugin ID: 73188 ()

Bugtraq ID:

CVE ID: