Nortel Networks router telnet user level without password 1.0
 
Plugin ID289
Plugin nameNortel Networks router telnet user level without password
Plugin filenameNortel Networks router telnet user level without password.plugin
Plugin filesize2233 bytes
Plugin familyNetwork Devices
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port23
Plugin procedure exploitopen|sleep|send User\n|sleep|close|pattern_exists $
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 2000 Victor Kirhenshtein
Bug produced nameNortel Networks
Bug affectedNortel Networks router
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote Nortel Networks (former Bay Networks) router has no password for user account. An attacker could telnet to the router and reconfigure it to lock you out of it, and to prevent you to use your internet connection.
Bug solutiontelnet to this router and set a password immediately.
Bug fixing timeApprox. 20 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localMaybe
Bug severityMedium
Bug popularity7
Bug simplicity7
Bug impact8
Bug risk7
Bug Nessus riskMedium
Bug check toolsNessus can check this flaw with the plugin 10529 (Nortel Networks passwordless router (user level)).
Source Nessus ID10529
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.