Default Password (zebra) for Zebra

Critical Nessus Plugin ID 16205


The remote router is protected with a default password.


The remote host is running Zebra, a routing daemon.

The remote Zebra installation uses as its password the default, 'zebra'. An attacker may log in using this password and control the routing tables of the remote host.


Edit 'zebra.conf' and set a strong password.

See Also

Plugin Details

Severity: Critical

ID: 16205

File Name: zebra_default_password.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Firewalls

Published: 2005/01/19

Modified: 2016/11/01

Dependencies: 11153

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2004/08/12

Reference Information

BID: 10935

OSVDB: 9074