Default Password (D13hh[) for 'root' Account

Critical Nessus Plugin ID 11262

Synopsis

The remote host has an account with a default password set.

Description

The account 'root' has the password 'D13hh['. An attacker may use it to gain further privileges on this system. The presence of this account suggests the system may have the D13HH rootkit (typically found on Solaris systems).

Solution

Set a password for this account or disable it.

Plugin Details

Severity: Critical

ID: 11262

File Name: account_root_rootkit1bis.nasl

Version: Revision: 1.27

Type: remote

Published: 2003/02/20

Updated: 2017/11/20

Dependencies: 55900, 10267, 17975

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Metasploit (SSH User Code Execution)

Reference Information

CVE: CVE-1999-0502