Netgear RP114 telnet administration detection 1.0
 
Plugin ID272
Plugin nameNetgear RP114 telnet administration detection
Plugin filenameNetgear RP114 telnet administration detection.plugin
Plugin filesize2211 bytes
Plugin familyFirewalls
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/11/12
Plugin version1.0
Plugin protocoltcp
Plugin port23
Plugin procedure detectionopen|sleep|clsose|pattern_exists *ÿûÿû*Password: *
Plugin detection accuracy97
Plugin commentThere are several other possibilities to detect a Netgear RP114 - These will be implemented as independend ATK plugin in the future.
Bug affectedNetgear RP114
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote host seems to be a Netgear RP114. This is a small SOHO appliance firewall. It is possible to define the settings over the telnet interface. This does just rely on a simple password authentication (no user name) in clear text.
Bug solutionThe server should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 8023). Try to prevent unwanted connection attempts by filtering traffic with firewalling.
Bug fixing timeApprox. 1 hour
Bug exploit availabilityYes
Bug remoteYes
Bug localNo
Bug severityMedium
Bug popularity6
Bug simplicity8
Bug impact7
Bug risk7
Source LiteratureHacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.