Zaurus PDA FTP Server Unpassworded root Account

Critical Nessus Plugin ID 11045


The remote FTP server has an account with a blank password.


The remote Zaurus FTP server can be accessed as the user 'root' with no password. An attacker may use this flaw to steal or modify the content of your PDA, including (but not limited to) your address book, personal files, and list of appointments.


There is no known solution at this time.

See Also

Plugin Details

Severity: Critical

ID: 11045

File Name: ftp_zaurus.nasl

Version: $Revision: 1.15 $

Type: remote

Family: FTP

Published: 2002/07/11

Modified: 2016/10/10

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2002/07/10

Reference Information

CVE: CVE-2002-1974

BID: 5200

OSVDB: 848