Windows NT FTP 'guest' Account Present

High Nessus Plugin ID 10166


There is a 'guest' account on the remote FTP server.


The remote Windows host has a 'guest' FTP account enabled. This could allow a remote attacker to upload or download arbitrary files on the remote host.

Note that this plugin only tests for guest accounts over FTP.


Disable this FTP account.

Plugin Details

Severity: High

ID: 10166

File Name: nt_ftp_guest.nasl

Version: $Revision: 1.32 $

Type: remote

Family: FTP

Published: 1999/06/22

Modified: 2017/03/03

Dependencies: 10079, 10092, 10990, 11936

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P


Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Excluded KB Items: global_settings/supplied_logins_only

Vulnerability Publication Date: 1995/01/01

Reference Information

CVE: CVE-1999-0546

BID: 87877

OSVDB: 129