Yak! FTP Server Default Credentials (deprecated)

medium Nessus Network Monitor Plugin ID 1091

Synopsis

The remote FTP Server is running with known default credentials

Description

Yak! uses the FTP protocol to transfer files. Yak! UserID and/or password may be a static value. Versions prior to 2.1.0 have known default credentials. An attacker can use this flaw to send arbitrary data to client machines.

Solution

Change the password for the default 'Yak' account.

Plugin Details

Severity: Medium

ID: 1091

Family: FTP Servers

Published: 8/20/2004

Updated: 9/16/2018

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Detections

Analytics