Yak! FTP Server Default Credentials (deprecated)

Medium Nessus Network Monitor Plugin ID 1091

Synopsis

The remote FTP Server is running with known default credentials

Description

Yak! uses the FTP protocol to transfer files. Yak! UserID and/or password may be a static value. Versions prior to 2.1.0 have known default credentials. An attacker can use this flaw to send arbitrary data to client machines.

Solution

Change the password for the default 'Yak' account.

Plugin Details

Severity: Medium

ID: 1091

Family: FTP Servers

Published: 2004/08/20

Modified: 2015/12/04

Dependencies: 1803, 1804

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N