Default Password (nsroot) for 'nsroot' Account

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

The remote system can be accessed with a default account.

Description :

The account 'nsroot' on the remote host has the password 'nsroot'.

An attacker may leverage this issue to gain administrative access to
the affected system.

Note that Citrix NetScaler appliances are known to use these
credentials to provide complete, administrative access to the Citrix
NetScaler appliance.

See also :

http://www.nessus.org/u?74336bf9

Solution :

If the host is a Citrix NetScaler, reset the nsroot password.

Otherwise, set a strong password for this account or use ACLs to
restrict access to the host.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Default Unix Accounts

Nessus Plugin ID: 66393 ()

Bugtraq ID:

CVE ID: CVE-1999-0502

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now