Detections
Analytics

Sambar Server Default Accounts

high Nessus Plugin ID 11493

Language:

Synopsis

Default accounts are active on the remote web server.

Description

The Sambar web server comes with some default accounts. It is possible to log in as some of them without password. An attacker may use this flaw to alter the content of this server.

Solution

Set a password for every account or disable it.

See Also

https://seclists.org/bugtraq/1998/Jun/51

Plugin Details

Severity: High

ID: 11493

File Name: sambar_default_accounts.nasl

Version: 1.18

Type: remote

Family: Web Servers

Published: 3/28/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/sambar

Excluded KB Items: global_settings/supplied_logins_only

Vulnerability Publication Date: 6/10/1998

Reference Information

BID: 2255