IBM iSeries Default Password

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.

Synopsis :

The remote host is configured with a default password for an IBM
iSeries user account.

Description :

The remote IBM iSeries server has a default password set for a well-
known user account. An attacker can take advantage of this to login
to the server and take complete control of the server.

See also :

Solution :

Change the default password for iSeries accounts.

The CL command ANZDFTPWD can be used to detect user accounts with
the default password and can take action to disable the user or set
the user's password to 'expired'.

Also, review the 'QMAXSGNACN' and 'QMAXSIGN' system settings.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 57848 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now