Random password for 'root' account

Nessus Plugin ID 40987 (Severity: Critical)


Synopsis

The remote system has an authentication bypass vulnerability.


Description

Nessus was able to log in to the remote host as 'root' via SSH using a random password.

A remote attacker can exploit this to gain root-level (administrative) access to the affected host.

This may be due to a known issue in some versions of Ubuntu's libpam-runtime package when it is used in a non-default manner, although Nessus has not tried to verify the underlying cause.


Solution

If the remote host is running Ubuntu, upgrade to libpam-runtime 1.0.1-4ubuntu5.6 / 1.0.1-9ubuntu1.1 or later.

Otherwise, make sure the root account is secured with a strong password, and that SSH is configured to require authentication.
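The condition this plugin detects over SSH is an auth stack that returns success even though no module has verified the password. The following is an added example, not Tenable's plugin code and not part of this page: a small evaluator of a Linux-PAM 'auth' stack that models the control-flag semantics of pam.conf(5) (required/requisite/sufficient/optional and the [value=action ...] form) in simplified form, assumes every credential-checking module fails (random password), and reports whether the stack still grants access. The module outcome table, the function names and the sample stacks are assumptions constructed for this example; the first sample is modelled on the layout pam-auth-update writes to common-auth on Ubuntu, the others are constructed misconfigurations.

```python
"""Does a PAM 'auth' stack still succeed when every password check fails?

Added example for this plugin page; not Tenable's code.  It does not open an
SSH session: it evaluates the stack offline with the simplified pam.conf(5)
control semantics below.  The module outcome table is an assumption.
"""
import re

# Assumption: these modules verify the supplied password and therefore fail
# when the password is random.  Unmodelled modules raise instead of guessing.
CREDENTIAL_MODULES = {"pam_unix.so", "pam_ldap.so", "pam_krb5.so", "pam_sss.so"}
OUTCOME = {m: "auth_err" for m in CREDENTIAL_MODULES}
OUTCOME.update({"pam_permit.so": "success", "pam_deny.so": "auth_err"})

# pam.conf(5) keyword controls expressed in the [value=action] form.
KEYWORD_CONTROLS = {
    "required":   {"success": "ok",   "default": "bad"},
    "requisite":  {"success": "ok",   "default": "die"},
    "sufficient": {"success": "done", "default": "ignore"},
    "optional":   {"success": "ok",   "default": "ignore"},
}

LINE_RE = re.compile(r"^(\S+)\s+(\[[^\]]*\]|\S+)\s+(\S+)")


def parse_stack(text, pam_type="auth"):
    """Return [(control_dict, module_name), ...] for lines of the given type."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments and blanks
        m = LINE_RE.match(line)
        if not m or m.group(1) != pam_type:
            continue
        ctl = m.group(2)
        if ctl.startswith("["):
            control = dict(kv.split("=", 1) for kv in ctl[1:-1].split())
        else:
            control = KEYWORD_CONTROLS[ctl]
        entries.append((control, m.group(3).rsplit("/", 1)[-1]))
    return entries


def evaluate_auth(entries):
    """Walk the stack as Linux-PAM does (simplified); return 'success' or 'fail'."""
    status = None                                    # None: nothing has contributed yet
    i = 0
    while i < len(entries):
        control, module = entries[i]
        i += 1
        result = OUTCOME[module]                     # KeyError for an unmodelled module
        action = control.get(result, control.get("default", "bad"))
        contributed = "success" if result == "success" else "fail"
        if action == "ignore":
            continue
        if action == "reset":
            status = None
        elif action == "bad":                        # a failure sticks for the whole stack
            status = "fail"
        elif action == "die":                        # failure, and stop immediately
            return "fail"
        elif action == "ok":                         # never overrides an earlier failure
            if status != "fail":
                status = contributed
        elif action == "done":                       # short-circuit only if nothing failed yet
            if status != "fail":
                return contributed
        elif action.isdigit():                       # success=N: like ok, then skip N modules
            if status != "fail":
                status = contributed
            i += int(action)
        else:
            raise ValueError(f"unsupported action {action!r}")
    return status or "fail"                          # a stack nobody contributed to is denied


def accepts_random_password(config_text):
    """True if the auth phase succeeds although no credential module did."""
    return evaluate_auth(parse_stack(config_text)) == "success"


# Constructed sample stacks (assumptions for this example, not copied from a host).
UBUNTU_DEFAULT = """
auth    [success=1 default=ignore]  pam_unix.so nullok_secure
auth    requisite                   pam_deny.so
auth    required                    pam_permit.so
"""
PERMIT_ONLY = """
# primary block gone: nothing left verifies the password
auth    required                    pam_permit.so
"""
SUFFICIENT_PERMIT_FIRST = """
auth    sufficient                  pam_permit.so
auth    required                    pam_unix.so
"""
REQUIRED_UNIX_THEN_PERMIT = """
auth    required                    pam_unix.so
auth    required                    pam_permit.so
"""

if __name__ == "__main__":
    for name, cfg in [("ubuntu_default", UBUNTU_DEFAULT), ("permit_only", PERMIT_ONLY),
                      ("sufficient_permit_first", SUFFICIENT_PERMIT_FIRST),
                      ("required_unix_then_permit", REQUIRED_UNIX_THEN_PERMIT)]:
        print(f"{name:28s} accepts random password: {accepts_random_password(cfg)}")
```

Feed it the contents of the host's common-auth or sshd PAM service file: a True result means the auth phase succeeds before any module has checked the password, which is the state this plugin observes from the outside. Note that the evaluator deliberately raises on a module it has no outcome for rather than assuming it fails, so that a third-party module is never silently treated as a password check.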


Plugin Details

Severity: Critical

ID: 40987

File Name: account_root_randpw.nasl

Version: 1.17

Type: remote

Published: 9/15/2009

Updated: 11/15/2018

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2.0

Risk Factor: Critical

Base Score: 10.0

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/7/2009

Reference Information

CVE: CVE-2009-3232

BID: 36306

CWE: 287

Secunia: 36620