1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
|
#
# This script was written by Chris Foster
#
#
# See the Nessus Scripts License for details
#
account = "db2as";
password = "ibmdb2";
if(description)
{
script_id(11863);
script_version ("$Revision: 1.7 $");
script_cve_id("CVE-2001-0051");
script_name(english:"Default password (ibmdb2) for db2as");
desc["english"] =
"
The account 'db2as' has the password 'ibmdb2'
An attacker may use it to gain further privileges on this system
Risk factor : High
Solution : Set a strong password for this account or disable it.
This may disable dependant applications so beware";
script_description(english:desc["english"]);
script_summary(english:"Logs into the remote host");
script_copyright(english:"This script is Copyright (C) 2003 Chris Foster");
script_category(ACT_GATHER_INFO);
script_family(english:"Default Unix Accounts");
script_dependencie("find_service.nes", "ssh_detect.nasl");
script_require_ports("Services/telnet", 23, "Services/ssh", 22);
script_require_keys("Settings/ThoroughTests");
exit(0);
}
#
# The script code starts here :
#
include("default_account.inc");
include("global_settings.inc");
if ( ! thorough_tests ) exit(0);
port = check_account(login:account, password:password);
if(port)security_hole(port);
|